Your IT Consultant
Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.
Mac Users: Uninstall Zoom
July 10, 2019
Beware, if you are a Mac user and installed the Zoom video conferencing software. Several sources have reported a flaw in Zoom that allows an attacker to turn on the webcam without the user’s knowledge. Cybersecurity researcher Jonathan Leitschuh disclosed details of an unpatched critical security vulnerability (CVE-2019-13450) in the Zoom client app for Apple Mac computers, which if combined with a separate flaw, could allow attackers to execute arbitrary code on the targeted systems remotely. The problem is with the click-to-join feature of Zoom. According to Leitschuh, as soon as Mac users with Zoom client installed on their system visits the malicious website, it will forceably launch the Zoom app and turn on their webcam, exposing them to attackers.
Simply uninstalling the app is not good enough to fix the problem because the click-to-join feature also accepts a command that automatically reinstalls Zoom without users' intervention or permission. The user also needs to manually disable the setting that allows Zoom to automatically turn your webcam on when joining a meeting. Go to the Zoom settings window and enable the "Turn off my video when joining a meeting" setting.
Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com