San Francisco: To fix a faulty feature on video conferencing app Zoom, Apple has released a silent update for Mac users. To fix the vulnerability that was letting websites automatically add users to a video call without their permission, Apple’s update would now prompt users asking them if they want to open the app.
According to Apple, the automatically-deployed update removes the hidden web server, which Zoom quietly installed on users’ Macs when they installed the app, TechCrunch reported on Wednesday.
The video conferencing platform faced flack from users following a public vulnerability disclosure on Monday by a software engineer Jonathan Leitschuh after he described how any website could forcibly join a user to a Zoom call, with their video camera activated, without the user’s permission.
On Tuesday, Zoom released a fixed app version however Apple said its actions would protect users both past and present from the undocumented web server vulnerability without affecting or hindering the functionality of the Zoom app itself, the report said.
Over four million users across 750,000 companies use Zoom for video conferencing around the world.
“We’re happy to have worked with Apple on testing this update. We expect the web server issue to be resolved today. We appreciate our users’ patience as we continue to work through addressing their concerns,” the report quoted a Zoom spokesperson as saying.