Zoom Vulnerability

[Update 7/9 @ 6:30pm] A third-party researcher has uncovered a security vulnerability in the Zoom client for the Apple Macintosh. This vulnerability affects access to the webcam on Macs with Zoom installed, and could allow a malicious person to control the user’s camera. An earlier issue, involving a DDOS (Distributed Denial of Service) attack has already been patched.

Zoom has this statement on their website which includes information on the steps required to download and apply the fix:


Additionally, UVA Information Security advises LSPs and users to also consider the following steps:

  1. In System Preferences, turn off Zoom access for camera (System Preferences > Security & Privacy > Privacy > Camera)
  2. In System Preferences, delete the Zoom profile if it exists (System Preferences > Profiles)
  3. Check these settings every time Zoom is used and reset them if necessary
  4. Check for Updates often (Zoom.us menu > Check for Updates)

Having a sliding cover attached to the webcam of your Computer is also a good idea in general.

If you have any questions, please contact [email protected]

Source URL: https://security.virginia.edu/homepage-alert-07-09-19