Mac Zoom client vulnerability allows malicious website to access your camera

I have gotten into the habit of putting a post-it over my Mac camera. Some folks laugh at this, but this is exactly why.

The headline link is a Medium post with all the details. The most damning part:

Additionally, if you’ve ever installed the Zoom client and then uninstalled it, you still have a localhost web server on your machine that will happily re-install the Zoom client for you, without requiring any user interaction on your behalf besides visiting a webpage. This re-install ‘feature’ continues to work to this day.

If you’ve ever installed Zoom on your Mac and want to check for this local server, go to Terminal (it’s in Applications/Utilities) and type:

lsof -i :19421

If you enter the command and nothing comes back, you’re good. If you do get a result, that web server is running, and the COMMAND and PID columns of the output tell you which process owns the port. If you don’t intentionally want that server running, here’s a tweet with instructions on killing it.
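If you’d rather have this as a script you can re-run (say, after the next Zoom update), here is a small shell wrapper. It is an added example, not code from the original post or from Zoom. The only thing it takes from the post is the port number, 19421; the option flags narrow the bare `lsof -i :19421` to TCP listeners only, so a client connection that merely happens to use that port number doesn’t give you a false positive. The sample lsof output in the comments is constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post or from Zoom): wraps the lsof
# check so it reports only TCP listeners on the port the post names, and
# pulls out which process owns the socket.

ZOOM_PORT=19421   # port given in the post for Zoom's local web server

# List only processes LISTENING on TCP port $1 (default: $ZOOM_PORT).
#   -n / -P       skip DNS and service-name lookups, so it returns at once
#   -sTCP:LISTEN  drop client-side connections that merely use this port
# lsof truncates the COMMAND column to 9 characters by default, so a
# helper named ZoomOpener shows up as "ZoomOpene" (constructed sample):
#   COMMAND     PID  USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
#   ZoomOpene 12345 alice    7u  IPv4 0x...       0t0  TCP *:19421 (LISTEN)
list_listeners() {
    lsof -nP -iTCP:"${1:-$ZOOM_PORT}" -sTCP:LISTEN 2>/dev/null
}

# Reduce lsof output on stdin to one "COMMAND PID USER" line per listener,
# skipping the header row. Prints nothing when there are no listeners.
parse_listeners() {
    awk 'NR > 1 && NF >= 9 { print $1, $2, $3 }'
}

# Returns 0 when something is listening (and prints who), 1 when the port
# is free, which is the "nothing comes back, you're good" case in the post.
check_zoom_server() {
    port="${1:-$ZOOM_PORT}"
    found=$(list_listeners "$port" | parse_listeners)
    if [ -z "$found" ]; then
        echo "nothing listening on TCP port $port"
        return 1
    fi
    echo "listening on TCP port $port (COMMAND PID USER):"
    echo "$found"
    return 0
}

# Run the check; pass a different port as the first argument to reuse it.
check_zoom_server "$@"
```

Save it, `chmod +x` it, and run it from Terminal. A non-zero exit status means the port is free; zero means something is listening, and the printed PID is the one you’d look at before deciding to kill anything.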

One final note on this. Here’s Zoom’s official response to all of this, posted on their blog as Response to Video-On Concern.

If you are a Zoom user, it’s worth reading both the linked Medium post and Zoom’s response. Then stick a post-it over your Mac camera. Just to be safe.