Apple Pushes Silent Update for Mac to Remove Zoom Web Server

Ruben Fields
July 11, 2019

Jonathan Leitschuh, the tech veteran who first spotted the problem late this March said that the problem is caused by the way Zoom is programmed to set up meetings and video conferences.

Video conferencing app Zoom has reportedly left millions of users exposed to a security flaw.

Yesterday, video conferencing service Zoom released an update for its Mac client, removing the controversial web server functionality that opened up the possibility of someone launching a video call on user's computer without permission. Updates to the Safari web browser has led to the fact, each time Zoom users had to re-configure the application. Users should update the client; manual downloads can be found here. It's used by 750,000 companies around the world to conduct their business, including such big names as Nasdaq, the U.S. Centers for Disease Control and Prevention, the U.S. Department of Homeland Security, and the U.S. Department of Energy.

Zoom also told BuzzFeed News that it doesn't even plan to add a dialog window to simply ask users if they would like to join a meeting after clicking an invite link.

UK Ambassador Who Called Trump 'Dysfunctional' Resigns
And while Boris Johnson's hesitation in backing him was a factor in Darroch's resignation , it was not the main reason. Darroch's grand residence in northwest Washington became a go-to gathering spot for Trump administration officials.

Teleconferencing software Zoom's emergency patch to fix a major flaw that could allow hackers to spy on Mac users through their webcam with zero interaction on their part wasn't enough for Apple, who have quietly rolled out a patch of its own to address the issue.

By Wednesday, that differentiator was reduced, as the company announced in a highly-updated blog post that it would walk back back its local web server support in a patch prepared for Tuesday night. Zoom clearly had not considered malicious uses - or, worse, had disregarded them - when they chose to remove this choice from the user, and appear to consider Zoom use, and presumably their revenue growth, more important than surveillance of users. "We expect the web server issue to be resolved today", Zoom spokesperson Priscilla McCarthy said to TechCrunch.

'Once the update is complete, the local web server will be completely removed on that device'. "A very poor decision by the folks at Zoom".

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER