Mac webcam flaw is also exploitable by RingCentral and Zhumu services [Updated]


What you need to know

  • The Zoom security flaw affecting Macs seems to extend to its offshoot services, RingCentral and Zhumu.
  • If you downloaded these apps, then the same web server is installed on your computer.
  • RingCentral has rolled out an update, but Zhumu still hasn't.

Updated 1:36 p.m. PT: Apple has quietly rolled out a patch that will fix the vulnerabilities for both RingCentral and Zhumu. The news was confirmed by Apple in a statement to The Verge. Users who downloaded the apps don't have to update anything; it'll be done automatically. Still, we would suggest deleting the two apps until Zoom thoroughly audits its services.

It seems the Zoom webcam security flaw is more far-reaching than originally reported. First spotted by 9to5Mac, the same vulnerability that exposes the Mac's webcam to malicious websites is also present in video conferencing services RingCentral and Zhumu.

The issue was originally raised as speculation by Zoom whistleblower Jonathan Leitschuh, but has now been confirmed by researcher Karan Lyons.

RingCentral (and Zhumu, and likely all of Zoom's white labels) are vulnerable to another, slightly different, RCE. They are not automatically removed by Apple.

RingCentral and Zhumu are owned by Zoom and thus have the same code in their service, though with a slightly different layout. This means the same web server is being installed on your Mac if you installed these apps. Here's the bad news: all the patches to Zoom (from itself or Apple) don't apply to these other web conferencing services.

RingCentral has pushed out an emergency patch, but nothing so far from Zhumu. There are some terminal commands you can use to fend off the vulnerability.

As soon as more info comes out, we'll be sure to update you.

Danny Zepeda