Security researchers have found a serious vulnerability in Zoom for Mac, the macOS version of the well-known video conferencing software. An attacker could exploit it to remotely turn on the target user’s camera, and the exposure persists even after the user uninstalls Zoom for Mac. The researcher, Jonathan, said he reported the vulnerability to the developer a few months ago, but it had still not been fixed, so he decided to publish the details.
According to Jonathan, an attacker can exploit the vulnerability to force a user into a video conference without the user’s permission, with the camera activated automatically. The vulnerability can also be used to mount a denial of service attack against the user’s Mac by repeatedly joining the user to an invalid call.
“This vulnerability allows any website to forcibly join a user to a Zoom call, with their video camera activated, without the user’s permission.
On top of this, this vulnerability would have allowed any webpage to DOS (Denial of Service) a Mac by repeatedly joining a user to an invalid call.
Additionally, if you’ve ever installed the Zoom client and then uninstalled it, you still have a localhost web server on your machine that will happily re-install the Zoom client for you, without requiring any user interaction on your behalf besides visiting a webpage. This re-install ‘feature’ continues to work to this day.”
After the details were published, some users tried to reproduce the issue, and many reported that, following the published details, they were able to trigger a call and activate the camera.
More worrying still, the researchers found that uninstalling Zoom does not remove the problem: an attacker can still trigger the camera afterwards. The cause is that Zoom installs a local web server alongside the client to accept requests and perform actions that a regular browser would not allow a web page to do directly.
For security reasons, Apple’s Safari browser shows a confirmation prompt before a web page can launch an application that uses the camera; the local web server is Zoom’s way around that prompt. Even when the user uninstalls Zoom, the server is not removed. It keeps running and continues to accept requests from any web page, including an attacker’s.
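A defender-side check for the kind of leftover listener described above, added here as an example that is not part of the article: it parses the output of `lsof -nP -iTCP -sTCP:LISTEN` and flags loopback listeners whose process name matches a pattern. The sample lsof lines, the process name `ZoomHelper`, the PID and the port are constructed for the demo, not taken from the article.

```shell
#!/bin/sh
# Added example, not from the article. Flags processes listening on the
# loopback interface, filtered by a command-name pattern, so an admin can
# spot a local web server that survived an application uninstall.
# Input: the output of `lsof -nP -iTCP -sTCP:LISTEN` (macOS or Linux).

# find_localhost_listeners PATTERN   (reads lsof output on stdin)
# Prints "PID:PORT" for every loopback listener whose COMMAND matches PATTERN.
# Exit status 0 if at least one was found, 1 otherwise.
find_localhost_listeners() {
  awk -v pat="$1" '
    # Skip the header. COMMAND is $1, PID is $2, the bound address is the
    # second-to-last field (e.g. 127.0.0.1:12345) and the last is (LISTEN).
    NR > 1 && $1 ~ pat && $(NF-1) ~ /^(127\.0\.0\.1|localhost|\[::1\]):[0-9]+$/ {
      addr = $(NF-1)
      sub(/.*:/, "", addr)        # keep only the port number
      print $2 ":" addr
      found = 1
    }
    END { exit found ? 0 : 1 }'
}

# Constructed sample output: process name, PID and port are made up for the demo.
SAMPLE_LSOF='COMMAND    PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
ZoomHelper 812 alice   5u  IPv4 0x1a2b      0t0  TCP 127.0.0.1:12345 (LISTEN)
rapportd   431 alice   4u  IPv4 0x3c4d      0t0  TCP *:49152 (LISTEN)
sshd       101 root    3u  IPv4 0x5e6f      0t0  TCP *:22 (LISTEN)'

# Demo run against the constructed sample. On a real Mac, run instead:
#   lsof -nP -iTCP -sTCP:LISTEN | find_localhost_listeners Zoom
if printf '%s\n' "$SAMPLE_LSOF" | find_localhost_listeners Zoom; then
  echo "loopback listener from a Zoom-named process found: investigate and remove it"
else
  echo "no matching loopback listener"
fi
```

A hit after the application has been uninstalled is the residue the article describes; the PID tells you which process to inspect and stop.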