Zoom Mac Security Flaw Could Put 750,000 Companies at Risk

By August 15, 2019 Blog, Security

Jonathan Leitschuh, a software engineer and security researcher at Gradle Inc., publicly disclosed a critical vulnerability in the Zoom application this past July. Zoom is a popular cloud-based video conferencing app with over 4 million users across almost a million organizations. The bug Leitschuh found resided in the macOS version of the app and would have allowed an external website to access and control a user’s webcam through Zoom.

Zoom Webpage Access and DoS Possibility

According to Leitschuh, the vulnerability originates from Zoom’s open meeting-joining functionality, which generates a link that anyone can click to attend the video conference. Leitschuh’s research shows that, to do this, the app connects your device to a web server (using some questionable protocols, according to the researcher). A hacker leveraging this remote process can force your computer to join a meeting without your knowledge, and can also cause a denial of service (DoS) by repeatedly forcing you to join a non-existent meeting.

App Can Potentially Force RCE, Meetings, and Reinstallation

Leitschuh uncovered many deeply concerning aspects of Zoom’s web functions, chief among them its ability to essentially force your machine into accepting its protocols. Though he was unable to completely confirm it, the security researcher theorized that an enterprising hacker could find a way to leverage this flaw for remote code execution (RCE); at the very least, Leitschuh was able to prove that it can force webcam activation on a machine where Zoom was installed. He also found that the web server could remain installed on your computer even after Zoom was uninstalled, and could simply reinstall the app if commanded to.

Zoom ‘Quick Fix’

Leitschuh and Gradle reached out to Zoom several times about the vulnerability, and after some time were finally able to get the company’s attention and recommend a few fixes. However, Zoom tried to get Gradle to remain quiet about the vulnerability, which they refused to do, and after the customary 90-day grace period Leitschuh revealed the flaw in early July. Interestingly, Leitschuh found that the only suggestion Zoom initially followed up on was a temporary quick fix that he had recommended as a stopgap; the company only took more dedicated measures once he made that known soon after the first disclosure.

Apple Patch for Zoom on Mac

Apple, on the other hand, wasted little time, releasing a security patch for Mac computers only a few days after Leitschuh disclosed the vulnerability in Zoom’s update. Apple’s fix ensures that users receive a prompt asking whether they want to join a meeting, rather than being forced to join as before.

Zoom Security Vulnerabilities

This is not the first time Zoom has experienced a flaw like this: a similar vulnerability found in August 2018 affected Windows and Linux machines along with macOS. There has been no word on whether this recent bug is present on other operating systems, but Leitschuh did point out that all of the white-labeled services that copy Zoom’s code can also be affected.

Carefully Monitor Remote Access

While bugs always appear in software, the Zoom debacle illustrates how serious these vulnerabilities become in a remote cloud environment. With so many employees joining the distributed workforce, keeping your business protected means learning how to secure all remote connections and prevent hackers from silently infiltrating your network.

Download our white paper here to find out how to fortify your organization’s remote access connections.
