If you are using Zoom, a video conferencing app on your Mac, then you might want to uninstall it now. In a report, it stated:
“This vulnerability allows any website to forcibly join a user to a Zoom call, with their video camera activated, without the user’s permission. On top of this, this vulnerability would have allowed any webpage to DOS (Denial of Service) a Mac by repeatedly joining a user to an invalid call.” – Jonathan Leitschuh
But Zoom stated that it has addressed the security flaws when it released its recent app update. It also added that users will have more control over their video settings when another update is available. Furthermore, users will have a tool that will eliminate all traces of Zoom from your device if you wish to uninstall it.
In March, Jonathan Leitschuh first reported the issue to the company. In that report, he stated that Zoom’s security flaw only affects Mac devices. The flaw enables any website to start a Zoom call automatically. Without your permission, the cam will be enabled.
Zoom also allowed some pages to carry out a denial of service attack, like spamming Mac users or freezing the machine. The flaw started when you install a web server by Zoom. It has been provided to make it compatible with the updates to Safari.
The goal of installing a local web server was to simplify the overall user experience. Zoom said that it is not alone in this solution. It did not find any evidence that its users have been affected by the security flaw or a denial of service attack.
Jonathan Leitschuh advised that the localhost web server must be removed to protect the users. But the Zoom team stated that the localhost server remains because Safari does not have URI handlers.
The July 9 patch will remove the local web server and let the users uninstall Zoom manually. It will also release another update that will address security concert, i.e. video on by default.
To delete the Zoom entirely from your Mac, you will have to delete the app and its local web server app manually.
Some experts believe that the easiest way to avoid those cons is to just use browser-based apps for every web meeting. It is easy to use and there is no need to install an app on your system. You can still do everything in the meeting the same way you would when you install the app.
On the other hand, if you need to install the app, consider installing it on your iPhone device. In that way, you will not be downloading and installing a problematic app on your main computer.
And if you think that your Mac is safe because you have not installed such application, you might want to be sure. Go to the Applications folder. Search for the Zoom app. You can only say that your Mac is fine if you cannot find Zoom in your Applications folder or that its server is not running on your Mac.