Apple is silently updating Macs again to remove insecure software from Zoom’s partners

Apple informed us that it has sent a silent security update to Macs to remove the software that was automatically installed by RingCentral and Zhumu. These video conferencing applications use Zoom's technology (they are essentially white-label versions) and therefore had the same security flaws as Zoom. Specifically, they installed secondary pieces of software that could take commands from websites to open the user's webcam in a video conference without the user's intervention.

Even uninstalling those applications would not remove that secondary web server, which means that many users would not get updates from the software vendors to fix the problem. That means that Apple is better positioned to eliminate the offending software, and it is doing so. Apple intends to solve the problem for all of Zoom's partner applications.

These additional problems arose yesterday from further research into Zoom's partner applications, but the biggest problem, the installation of a secondary web server that could potentially be unsafe, began with a zero-day disclosure on July 8. Since then, Zoom itself has been struggling to come up with the right solution for users, including over whether such an update was even necessary in the first place.

Finally, Zoom decided the update was worth it, but it could not remove the software for users who had uninstalled its main application, so Apple had to intervene. Apple issued its first silent patch to remove Zoom's additional software on July 10, and today's update is essentially part of the same mitigation.

The central problem stems from a change Zoom made to its video conferencing software to work around a security update that Apple had made to Safari. Safari was recently updated so that it requires the user's approval every time a website tries to open a third-party application, and Zoom wanted to spare users that additional click. That required installing a web server that listened for calls to open Zoom conferences. Combine that with the fact that it was common and easy for Zoom users to have video turned on by default when they join a call, and it is possible for a malicious website with an iframe to open a video call on their Mac with the camera on.
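
As an added example (not from the original article, Apple or Zoom), this Python script parses the output of `lsof -nP -iTCP -sTCP:LISTEN` and lists processes that accept TCP connections on loopback or on all interfaces, which is how a leftover local web server like the one described above can be spotted after its parent app is uninstalled. The sample output, the process names and the allowlist are constructed for illustration.

```python
# Constructed sample of `lsof -nP -iTCP -sTCP:LISTEN` output (not from a real Mac).
SAMPLE_LSOF = """\
COMMAND     PID USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
rapportd    412 alice   4u  IPv4 0x1a2b3c4d5e6f7a8b      0t0  TCP *:49152 (LISTEN)
helperd     733 alice  11u  IPv4 0x1a2b3c4d5e6f7a8c      0t0  TCP 127.0.0.1:54321 (LISTEN)
postgres    901 alice   7u  IPv6 0x1a2b3c4d5e6f7a8d      0t0  TCP [::1]:5432 (LISTEN)
sshd        950 root    3u  IPv4 0x1a2b3c4d5e6f7a8e      0t0  TCP 192.168.1.5:22 (LISTEN)
"""


def local_listeners(lsof_text):
    """Return listeners that a page in the local browser could reach:
    sockets bound to loopback or to all interfaces."""
    found = []
    for line in lsof_text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 10 or fields[-1] != "(LISTEN)":
            continue
        host, _, port = fields[8].rpartition(":")    # works for "[::1]:5432" too
        if host.startswith("127.") or host == "[::1]":
            scope = "loopback"
        elif host in ("*", "[::]"):
            scope = "all-interfaces"
        else:
            continue                                 # bound to one external address
        found.append({"command": fields[0], "pid": int(fields[1]),
                      "user": fields[2], "port": int(port), "scope": scope})
    return found


def unexpected(listeners, expected_commands):
    """Listeners whose owning command is not on the reviewer's allowlist."""
    return [l for l in listeners if l["command"] not in expected_commands]


if __name__ == "__main__":
    # Hypothetical allowlist: services this user knowingly runs.
    allow = {"postgres", "rapportd"}
    for l in unexpected(local_listeners(SAMPLE_LSOF), allow):
        print(f"review: {l['command']} (pid {l['pid']}) listening on "
              f"port {l['port']} [{l['scope']}]")
```

To audit a real machine, pass the captured output of the `lsof` command to `local_listeners` in place of `SAMPLE_LSOF`.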
