Apple Pushes Silent macOS Update to Remove 'Secret' Zoom Web Server

Although unnecessary, it is a seamless fix for Zoom security flaw.

By Gaurav Shukla | Updated: 11 July 2019 12:06 IST

Apple Pushes Silent macOS Update to Remove 'Secret' Zoom Web Server

Zoom is now readying an updated version of its app to fix "video on by default" feature

Highlights

Apple update doesn’t require user interaction
It will automatically be installed on connected Mac computers
It is a rare step by Apple against a known company

Apple has released a silent macOS update to remove the controversial local Web server installed by Zoom for Mac app. Although Zoom had released an emergency patch to remove the Web server, it seems Apple did not want to wait for the users to install the patch. Being a silent update, it will automatically remove the Web server on Mac computers without the need of any user interaction. According to a report, Zoom worked with Apple to release the silent update.

“We're happy to have worked with Apple on testing this update,” a Zoom spokesperson told TechCrunch. “We expect the Web server issue to be resolved today. We appreciate our users' patience as we continue to work through addressing their concerns.”

Although Apple's action was unnecessary, it is a seamless fix and puts an end to a part of the Zoom debacle. The issue will be completely fixed when Zoom released an updated version of its app this weekend that will start to save the video preference of its users, rather than forcing users to choose it every single time.

“With this release, first-time users who select “Always turn off my video” will automatically have their video preference saved,” Zoom CEO Eric S. Yuan said in a statement. “The selection will automatically be applied to the user's Zoom client settings and their video will be OFF by default for all future meetings. (Returning users can update their video preferences and make video OFF by default at any time through the Zoom client settings.)”

While Apple does push silent updates to thwart known malware, it is rare for the company to take such an action against a known company. Apple told TechCrunch that it pushed the update to protect users from the risks posed by the exposed Web server.

The whole Zoom saga started earlier this week when a security researcher Jonathan Leitschuh revealed how Zoom for Mac app include a Zero-Day vulnerability, which could potentially allow an attacker to forcibly join a Mac user to a video call with video enabled. Leitschuh also noted that Zoom was installing a local Web server on Mac computers to sidestep a Safari feature, allowing the company or an attacker to install Zoom app without user interaction on Mac.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.