advertisement
Forums

The Forum is sponsored by 
 

AAPL stock: Click Here

You are currently viewing the Tips and Deals forum
silent but deadly?!......Apple pushes 'silent' macOS update for the Zoom vulnerability.....
Posted by: NewtonMP2100
Date: July 11, 2019 07:25AM
....hmm, silently.......how unnerving......


Apple Pushes Automatic Mac Software Update to Remove Vulnerable Zoom Web Server

......Earlier this week, a serious vulnerability with the Zoom video conferencing app for macOS was disclosed, with attackers potentially able to hijack users' webcams.

The vulnerability was particularly notable because Zoom had installed a hidden web server on users' computers in order to allow for automatic answering of incoming calls, and that web server was not only the weak point that could be exploited, but it also was not removed upon deletion of the app. As a result, users who had previously deleted Zoom might not even realize they were vulnerable to this potential attack.

After initially defending the decision to install a web server on users' machines to work around changes in Safari 12 that would have required users to click to accept incoming calls, Zoom later backtracked and released a patch to remove the web server from users' computers.

Apple has now taken things one step further and pushed out a silent macOS update that removes the web server, reports TechCrunch. The update is deployed automatically, so users don't have to manually apply it in order for it to take effect.

Although Zoom released a fixed app version on Tuesday, Apple said its actions will protect users both past and present from the undocumented web server vulnerability without affecting or hindering the functionality of the Zoom app itself.

The update will now prompt users if they want to open the app, whereas before it would open automatically.

Zoom told TechCrunch it was "happy to have worked with Apple on testing this update" and that it should resolve all issues with the web server.

In a blog post, Zoom says it will take further action this weekend by automatically having first-time users who select "Always turn off my video" default to having video off for all future meetings. In addition, Zoom will be improving its bug bounty program and security-related issue escalation process.



without......a single word..........notice........?!



____________________________________________________

I reject your reality and substitute my own!



Edited 1 time(s). Last edit at 07/11/2019 07:36AM by NewtonMP2100.
Options:  Reply • Quote
Re: silent but deadly?!......Apple pushes 'silent' macOS update for the Zoom vulnerability.....
Posted by: mikebw
Date: July 11, 2019 09:28AM
... And just yesterday Zoom released an update that also removes the webserver.
Options:  Reply • Quote
Re: silent but deadly?!......Apple pushes 'silent' macOS update for the Zoom vulnerability.....
Posted by: RAMd®d
Date: July 11, 2019 11:15AM
Although Zoom released a fixed app version on Tuesday, Apple said its actions will protect users both past and present from the undocumented web server vulnerability without affecting or hindering the functionality of the Zoom app itself.




When a good man is hurt,
all who would be called good
must suffer with him.

You and I have memories longer than the road that stretches out ahead.

There is no safety for honest men
except by believing all possible evil
of evil men.

We don’t do focus groups. They just ensure that you don’t offend anyone, and produce bland inoffensive products. —Sir Jonathan Ive

Perfection is the enemy of progress. -Winston Churchill

-An armed society is a polite society.
And hope is a lousy defense.

You make me pull, I'll put you down.

Mister, that's a ten-gallon hat on a twenty-gallon head.

I *love* Sigs. It's Glocks I hate.
Options:  Reply • Quote
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 312
Record Number of Users: 52 on November 20, 2014
Record Number of Guests: 2330 on October 25, 2018