What you need to know
- Another security flaw has been highlighted in Zoom.
- An ex-NSA hacker says a bug can be used to take over a Zoom user's Mac.
- They can also access your webcam and Microphone.
An ex-NSA hacker has found yet another critical security flaw in Zoom, this time in two bugs for Mac.
According to TechCrunch, an ex-NSA hacker has found two bugs within the macOS version of Zoom:
This is a reference to Zoom's installation protocol, which was described as "very shady" by experts. From that report:
Well, turns out that it is malicious because it can be used by an attacker to inject the installer with malicious code, obtaining "the highest level of user privileges".
A second bug, (yes, there's two, plus all the other ones) involves your webcam and microphone:
In fairness, as these have all been revealed by this blog post, giving Zoom almost no time to address them. However, Zoom appears to be a total dumpster fire when it comes to privacy and security. It has also been revealed that despite claims, Zoom's calls are not end-to-end encrpyted, and that its 'company director' feature pooled thousands of strangers, leaking personal data.
Stephen Warwick has written about Apple for five years at iMore and previously elsewhere. He covers all of iMore's latest breaking news regarding all of Apple's products and services, both hardware and software. Stephen has interviewed industry experts in a range of fields including finance, litigation, security, and more. He also specializes in curating and reviewing audio hardware and has experience beyond journalism in sound engineering, production, and design.
Before becoming a writer Stephen studied Ancient History at University and also worked at Apple for more than two years. Stephen is also a host on the iMore show, a weekly podcast recorded live that discusses the latest in breaking Apple news, as well as featuring fun trivia about all things Apple.
Get the best of iMore in in your inbox, every day!
Thank you for signing up to iMore. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.