Apple Quietly Removes Zoom’s Hidden web Server From Macs
It was discovered that Zoom, whose web conferencing software has more than four million users across desktop and mobile platforms, including Windows has multiple vulnerabilities. The vulnerabilities that were discovered include: CVE-2019-13449 (the original denial-of service flaw), CVE-2019-13567 (webcam takeover), and CVE-2019-13567 (a proof-of-concept making possible Remote Code Execution). The first and third issues should be fixed by updating to Zoom client version 4.4.2 on macOS and the second vulnerability is unpatched but mitigated by removing the web server.
Naked Security reports: "Apple Quietly Removes Zoom’s Hidden web Server From Macs"
Submitted by Anonymous
on