Apple's stealth Mac security update removes flawed software, report says

[InfoSec News <alerts () infosecnews org>]

https://www.cnet.com/news/apples-stealth-mac-security-update-removes-flawed-software-report-says/

By ABRAR AL-HEETI
CNet News
JULY 16, 2019

Apple quietly rolled out a Mac security update to remove flawed software from
Zoom partner apps RingCentral and Zhumu, according to a BuzzFeed News report.
The update will reportedly roll out automatically but could take some time to
reach all affected computers.

RingCentral and Zhumu are videoconferencing apps that use technology from Zoom.
Last week, security researcher Jonathan Leitschuh flagged a Zoom security flaw
that allowed websites to join users to video calls without permission and
activated Mac webcams without permission. In response, Zoom rolled out a patch
in which the company completely removed the local web server on Mac devices. The
feature was designed to facilitate joining meetings without extra clicks.

A report from security researcher Karan Lyons published Monday found that Zoom's
flaw affected partner apps. Lyons said in a tweet Tuesday that Apple's Mac
security update affects 11 apps that were vulnerable to the flaw.

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_