Leitschuh said this allowed Zoom to reinstall the app without requiring any user interaction.
The video conferencing giant took flack from users following a public vulnerability disclosure on Monday by Jonathan Leitschuh, in which he described how “any website forcibly join a user to a Zoom call, with their video camera activated, without the user’s permission.” The undocumented web server remained installed even if a user uninstalled Zoom.
The Cupertino, Calif.-based tech giant told TechCrunch that the update - now released - removes the hidden web server, which Zoom quietly installed on users’ Macs when they installed the app.Īpple said the update does not require any user interaction and is deployed automatically. Apple has released a silent update for Mac users removing a vulnerable component in Zoom, the popular video conferencing app, which allowed websites to automatically add a user to a video call without their permission.
0 kommentar(er)
