A major security vulnerability was recently discovered that affects all Mac users who have used Zoom video conferencing.
This vulnerability also affects RingCentral users, as RingCentral white labels their video conferencing with Zoom.
This allows any website to forcibly join a user to a Zoom call, with their video camera activated, without the user’s permission.
A step further, the vulnerability allows any site to DOS (Denial-of-service) a Mac user by repeatedly joining them to an invalid call.
On July 8th, Jonathan Leitschuh, a security researcher identified the vulnerability saying:
“Additionally, if you’ve ever installed the Zoom client and then uninstalled it, you still have a localhost web server on your machine that will happily re-install the Zoom client for you, without requiring any user interaction on your behalf besides visiting a webpage. This re-install ‘feature’ continues to work to this day.”
Zoom CEO, Eric Yuan has stated that a recent update fixes the issue and emphasized an increased focus on security to further protect users privacy.
Download our infographic and learn how to identify a phishing scam when you see one.
Other Articles You Might Be Interested In:
Disaster recovery plans are vital, not just important. Data becomes lost, deleted, purged, corrupted, all the time. Without that measure in place, data is truly lost. There does seem to be confusion on what constitutes a Disaster Recovery plan, however. While many...read more
Data backup is a critical part of an organization’s overall disaster recovery plan. The concept of data backup is simple: you make copies of your data and store them in a different location in case data is lost or destroyed.read more
ITonDemand was created over a decade ago to help support businesses and organizations IT services. We kept hearing from businesses, like yours, that they just wanted their IT to work. And that is what we do. We make your IT work for you.