How to secure your Zoom conference line from hackers (free PDF)
A Zero Day vulnerability in the Mac Zoom Client allows any malicious website to enable the machine’s camera without the user’s permission, potentially impacting the 700,000+ companies worldwide using Zoom for video conferencing each day, security researcher Jonathan Leitschuh disclosed in a post on Medium.
The vulnerability leverages Zoom’s feature of allowing users to share a link that permits anyone to easily join a meeting. If you have ever installed Zoom on a Mac, the app installs a local web server, to get around changes introduced in Safari 12. You can check this on your Mac by running lsof -i :19421 in your terminal, Leitschuh found.
Leitschuh said he was able to exploit the vulnerability to create a URL that could drop users into a call and force video and audio on without their permission.
Thankfully, there are ways patch the Zoom vulnerability. Learn how by reading this free TechRepublic PDF download.
Subscribe to the Cybersecurity Insider Newsletter
Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays