A flaw in the Zoom video conferencing software for Mac could allow someone running a website to turn on the cameras of visiting Apple users and record them.
The issue was discovered by software engineer Jonathan Leitschuh, who said it potentially exposes 750,000 companies around the world that use Zoom for day-to-day business.
In its public statement responding to Mr Leitschuh’s announcement, Zoom confirmed that the flaw existed, but denied the researcher’s claim that it would allow malicious sites to record people secretly.
“Because the Zoom client user interface runs in the foreground upon launch, it would be readily apparent to the user that they had unintentionally joined a meeting.”
The researcher warned that the flaw was even still present for Mac users who had installed the Zoom client and then uninstalled it.
He said that he originally informed Zoom of the issue on 26 March this year, but found it difficult to get in contact with the company’s security team.
Mr Leitschuh added that he was going public with his findings because the company had failed to fix the issue even after he had managed to contact them.
Zoom claimed that it responded to the issue within an hour when it was raised, and acknowledged that its website doesn’t currently provide clear information to security researchers for reporting concerns.
The company said it would be introducing some changes to the software in July which would address the researcher’s concerns.
Apple did not immediately respond to Sky News’ requests for a response.
Source: SKY NEWS