Hey everyone,
there’s a massive security hole in the Zoom client/installations on all of our Macs that isn’t fixed to this day.
Here’s an article that gives a report of what’s going on: https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5
You can patch yourself for now by scrolling down to the “Patch yourself” section and follow the steps described there. For non-developers, if this looks sketchy to you, feel free to reach out, I’m happy to support there.
The steps are:
- Turn off setting to automatically turn on camera when joining Zoom meeting (Start Zoom, Settings, Video, uncheck “Turn on my video when joining meeting”. Alternatively, you can run this inside of a terminal of your choice:
sudo defaults write /Library/Preferences/us.zoom.config.plist ZDisableVideo 1
- Shut down local webserver installed and run by Zoom. This one even exists if you’ve ever uninstalled Zoom. Run the following in your terminal:
lsof -i :19421
^ This will output a PID
. Then run:
kill -9 [PID]
- Remove
~/.zoomus
directory (This can destroy your system, if you don’t feel comfortable running this command, you can open your home directory, show hidden files, and remove the.zoomus
folder from there):
rm -rf ~/.zoomus
touch ~/.zoomus
Please act ASAP.
/cc @petty