Zoom Zero-Day Exploit Fix

Symptoms


This exploit allows unauthorized users to access the webcam on Mac computers through the Zoom app if a user joins a Zoom session started by an attacker. The current fix requires users to update the app and adjust one of its settings.

For those interested, you can follow updates from Zoom about this issue HERE.


Steps


To prevent this exploit from being available:

  1. Update the Zoom app to version 4.4.53932.0709. There are two ways to update the Zoom app:
    1. Download the update from Zoom's website HERE.
    2. Launch the Zoom app from your Applications folder, then click Zoom.us in the top left corner of your screen. In the drop-down menu, click Check for Updates. In the update window, click Update, then click Install.
  2. After updating, launch the Zoom app from your Applications folder, then open the app settings by clicking Zoom.us in the top left corner of your screen. In the drop-down menu, select Preferences. In the Preferences window, go to Video and check the box that says “Turn off my video when joining a meeting”.
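
For administrators who want to confirm step 1 from Terminal, the following added example (not from Zoom or from the original article) compares an installed version string with the fixed version 4.4.53932.0709. It assumes the default install path `/Applications/zoom.us.app` and that the version is stored under the `CFBundleVersion` key; the function names and the `ZOOM_APP` override variable are hypothetical.

```shell
#!/bin/sh
# Added example: compare an installed Zoom version with the fixed release.
FIXED_VERSION="4.4.53932.0709"   # version named in step 1 of this article

# version_ge A B: succeed when dotted version A >= B. Fields are compared
# numerically, so the build field "0709" is read as 709, not as a string.
version_ge() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    n = split(a, x, "."); m = split(b, y, ".")
    max = (n > m) ? n : m
    for (i = 1; i <= max; i++) {
      xi = (i <= n) ? x[i] + 0 : 0     # missing fields count as 0
      yi = (i <= m) ? y[i] + 0 : 0
      if (xi > yi) exit 0
      if (xi < yi) exit 1
    }
    exit 0
  }'
}

# zoom_status VERSION: print patched / needs-update / unknown.
zoom_status() {
  case "$1" in
    ''|*[!0-9.]*) echo "unknown"; return 2 ;;   # empty or non-numeric input
  esac
  if version_ge "$1" "$FIXED_VERSION"; then
    echo "patched"
  else
    echo "needs-update"; return 1
  fi
}

# Assumptions: default install path, version stored in CFBundleVersion.
APP="${ZOOM_APP:-/Applications/zoom.us.app}"
if [ -d "$APP" ]; then
  ver=$(defaults read "$APP/Contents/Info" CFBundleVersion 2>/dev/null) || ver=""
  echo "Zoom ${ver:-version not readable}: $(zoom_status "$ver")"
else
  echo "Zoom not found at $APP"
fi
```

The script only checks the version; the video preference in step 2 still has to be set in the Preferences window.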



After updating, when you launch the Zoom app, you should see a window that looks like this:

Notes


When accepting Zoom meetings, users should be certain that the meeting request comes from someone they trust. Any meeting request from an unknown source should be reported to the CIS HelpDesk.