Apple has pushed yet another silent update to macOS to address the Mac hijack vulnerability in RingCentral and Zhumu. These two apps are powered by Zoom, and thus present the same web server vulnerability as Zoom.
The Zoom vulnerability, which was discovered last week, was addressed by a silent macOS update issued by Apple to remove part of the application’s web server function. Apple has apparently deployed another silent security update to remove web servers installed by RingCentral and Zhumu. As with the update pushed last week, this one does not require any user interaction to install.
The RingCentral and Zhumu applications, which use the same underlying code as Zoom, also installed their own web server functions in macOS. This function allows users to easily join meetings with one click, but also leaves users susceptible to having their webcam and microphone hijacked.
Unfortunately, RingCentral and Zhumu aren’t the only video conferencing apps that use Zoom’s code. Apple says that it hopes to patch the vulnerability for all of Zoom’s partner apps in the coming days.
Last week, Apple noted that it “often pushes silent signature updates to Macs” to remove known malware, but that it rarely publicly takes action against a known app. Issues like these will only increase the prevalence of physical webcam covers.
Stay tuned for additional details as they become available.