Apple has released a silent macOS update that removes the undocumented web server installed by the Zoom conferencing app for Mac.
The web server accepts connections from any device connected to the same local area network, a security researcher said Monday. The server will continue to run even if a Mac user uninstalls Zoom. The researcher showed how the web server can be misused by people on the same network to force Macs to reinstall the conference app. Zoom released an emergency patch on Tuesday in response to fierce criticism from security researchers and end users.
Apple released its own update on Wednesday, a company representative told Ars. The update ensures that the web server is removed, even if users uninstalled Zoom or did not install the Tuesday update. Apple automatically deployed the silent update, meaning that no end-user notification or action was required.
The Apple update prompts Zoom users who click a conference link to confirm their participation. Previously, clicking on a link, or even encountering a link hidden in a malicious website, automatically opened Zoom and added the user to the conference. Zoom developers have also been criticized for this behavior, as it could leave users unprepared and exposed to hackers.
Apple occasionally releases silent updates to block malware that is actively distributed on the Internet. In the rarest cases, the company will release silent updates that block or remove apps that users have installed at their own discretion. The Apple representative said that the company had taken this measure to protect users from the risks posed by the web server. According to researcher Jonathan Leitschuh, the Zoom app is installed on around 4 million Macs.
Zoom representatives did not respond to an email seeking a comment for this post.