Bug in video conferencing app Zoom allows websites camera access on Macs (page 3)

Image credit – Jonathan LeitschuhIf you’ve ever seen photos of people’s laptops with their webcams covered or taped up, it is because there is a legit concern about how the webcams on our laptops can be hijacked to be enabled without our knowledge. Given that they’re built into the display, it’s not as if we can point it away or unplug it so easily.Unfortunately, it seems that those fears have sort of come true, at least for Mac users after a flaw was recently discovered in the Zoom Mac client. For those unfamiliar, Zoom is a video conferencing client and according to researcher Jonathan Leitschuh, he discovered a flaw that would allow websites to initiate a video call on any Mac that has the app installed.According to Leitschuh, this flaw is partly due to the fact that Zoom creates and runs a local web server as a background process of the host machine. A statement made to ZDNet revealed that the reason for this was due to a workaround as part of the changes made in Safari 12.

'Zoom' app on Mac exposes users to having their webcam hijacked

Video conferencing company Zoom, based in California allows any website to forcibly join a user to a Zoom call, with their video camera activated, without the user's permission.

Tue 9 Jul 19 from Daily Mail

A flaw in Zoom's Mac app may have let attackers hijack webcams

A serious security flaw in the Mac version of conferencing software Zoom can hijack webcams, but also leave users vulnerable to phishing and DOS attacks.

Tue 9 Jul 19 from Engadget

Macs vulnerable to 'bananas' Zoom video flaw

The vulnerability could let malicious attackers force Macs to join video conferences, says researcher.

Tue 9 Jul 19 from BBC Technology

Flaw Discovered In Mac Video Conferencing Client Lets Hackers Enable Your Webcam

Image credit – Jonathan LeitschuhIf you’ve ever seen photos of people’s laptops with their webcams covered or taped up, it is because there is a legit concern about how the ...

Tue 9 Jul 19 from Ubergizmo

A vulnerability in Zoom’s Mac client could allow websites to turn on cameras without permission

A vulnerability in the Mac client for popular web conferencing app Zoom may allow any website to join a video call without permission, writes software engineer and security researcher Jonathan ...

Tue 9 Jul 19 from TechCrunch

Your Mac could be hijacked through major security flaw in Zoom conferencing app - CNET

A security flaw in Zoom's Mac app lets websites join you to video calls without your permission.

Mon 8 Jul 19 from CNET Cutting Edge

Serious Zoom security flaw could let websites hijack Mac cameras

Today, security researcher Jonathan Leitschuh has publicly disclosed a serious zero-day vulnerability for the Zoom video conferencing app on Macs. He has demonstrated that any website ...

Mon 8 Jul 19 from The Verge

Zoom Will Fix the Flaw That Let Hackers Hijack Webcams

While it at first dismissed the vulnerability, Zoom says it will release a patch Tuesday night.

Tue 9 Jul 19 from Wired Security

Bookmark

Bookmark and Share