
Apple quietly removes Zoom's hidden web server from Macs – Naked Security



In an embarrassing twist on the week-long saga of Zoom's vulnerable web conferencing app, Apple has issued a "silent" update that automatically removes the software's hidden web server from Macs.

Zoom released its own fix to do the same thing the day before, July 9, 2019, but Apple remains confident that its update protects users who either hadn't updated the software or had deleted it before the company took this action.

Having something hidden removed from a platform by Apple is not a good look, and to add insult to injury, according to Apple expert Patrick Wardle, it was removed using the macOS Malware Removal Tool (MRT).

Zoom later said that it had worked with Apple to "test" the removal update, even if to some that sounds like a face-saving statement about the obvious.

Rinse and Repeat

It is fair to say the last week was not a good one for Zoom, whose web conferencing software boasts over four million users on desktop and mobile platforms, including Windows (some of whose users are also affected).

The timeline of the vulnerabilities identified in Zoom and its responses to it has become quite confusing since the news of the issue was released on July 8, 2019 by researcher Jonathan Leitschuh.

Naked Security has already covered much of this in a previous story, including some basic limitations to it.

We will summarize the ever-confusing story since that coverage by noting that the vulnerabilities have now generated three advisories:

  • CVE-2019-13449 (the original denial-of-service flaw),
  • CVE-2019-13567 (webcam takeover, unpatched but mitigated by removing the web server described above) and
  • CVE-2019-13567 (an issue that allows remote code execution).

The first and third issues should be resolved by updating to the Zoom client version 4.4.2 on macOS (the software is also re-branded by RingCentral, in which case it is version 7.0.136380.0312).