Update July 10: Zoom has released a second new update that thoroughly resolves the Mac webcam vulnerability. Launch your Zoom client and go to zoom.us > Check for updates (as described below). Choose to update and install the latest version.
A vulnerability was recently discovered in the Zoom client for Mac computers.
In theory, a user could accept a malicious invite link to a meeting from a web page or an email, and this could automatically launch Zoom and activate a Mac’s webcam.
(Zoom notes there is no indication this has actually happened.)
Zoom has released a patch and advised people to update their Mac Zoom client. To update, launch the Zoom client application and choose zoom.us > Check for updates from the top menu.
In addition, Mac users can afford themselves additional protection by selecting zoom.us > Preferences from the top menu, then click Video at left, and check the box for “Turn off my video when joining at meeting.”
You’ll still be able to manually turn on your video if you’re in a legitimate meeting.
Again, exploiting this vulnerability requires the user to accept a malicious link. You can help protect yourself and your data by learning how to recognize malicious links and other types of phishing attacks. Visit the Office of Information Technology’s cybersecurity site for information about phishing.
For questions or assistance, please contact the Help Desk at (208) 426-4357 or helpdesk@boisestate.edu.