[Update 7/9 @ 6:30pm] A third-party researcher has uncovered a security vulnerability in the Zoom client for the Apple Macintosh. This vulnerability affects access to the webcam on Macs with Zoom installed, and could allow a malicious person to control the user’s camera. An earlier issue, involving a DDOS (Distributed Denial of Service) attack has already been patched.
Zoom has this statement on their website which includes information on the steps required to download and apply the fix:
https://blog.zoom.us/wordpress/2019/07/08/response-to-video-on-concern/
Additionally, UVA Information Security advises LSPs and users to also consider the following steps:
- In System Preferences, turn off Zoom access for camera (System Preferences > Security & Privacy > Privacy > Camera)
- In System Preferences, delete the Zoom profile if it exists (System Preferences > Profiles)
- Check these settings every time Zoom is used and reset them if necessary
- Check for Updates often (Zoom.us menu > Check for Updates)
Having a sliding cover attached to the webcam of your Computer is also a good idea in general.
If you have any questions, please contact [email protected]