Video conferencing company agrees to release patch for flaw that allowed hackers to access webcams

Video conferencing service provider Zoom confirmed July 10 that it will release a patch for a vulnerability that allowed hackers to hijack peoples' webcams, according to Wired.

Zoom originally planned to not completely fix the bug, only offering a tweak that gave users more control. On July 8, the company released a statement defending its efforts and addressing other flaws found by a security researcher.

The security researcher found that Zoom's video streaming settings launch automatically on Macs when users join a call. This could allow a hacker to distribute a malicious Zoom call link, trick people into clicking it and then have access to the webcam, Wired reports.

Users were not thrilled by the proposed tweak, causing Zoom to release a complete patch for the vulnerability, according to Wired.

Through the patch, Zoom would remove the local web server functionality that was used to bypass protections in Safari. Additionally, Zoom users will have access to a menu option to enable a full, manual uninstall of the app.

Zoom is also giving users more control over default settings, which is expected to be effective in a July 12 update.

More articles on cybersecurity:
Hospital CFOs are stepping into cybersecurity roles
US warns against Microsoft Outlook vulnerability
Smaller health systems struggle to follow cybersecurity best practices


© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Top 40 Articles from the Past 6 Months