David Hanak A few days ago, it was reported that there is a security vulnerability in macOS that allows selected video conferencing applications to trigger unauthorized access to the webcam. Apple released a small patch shortly after this discovery, but it did not completely resolve the situation. Yesterday evening, therefore, the company released another one, but its effectiveness is still not entirely clear.
Last week released the security hotfix was supposed to prevent unauthorized access to the webcam that could occur when using the Zoom video conferencing application. Shortly after its publication, it became clear that the vulnerability not only affects the Zoom app, but also several others that are based on Zoom. So the problem still exists to a large extent, and that's why Apple decided to take action.
It could be interest you
Petr Škuta The security update released yesterday, which is available to all users of the current version of macOS, brings some additional security patches that should prevent the possibility of exploiting the webcam on your Mac. The security update should install itself and automatically, there is no need to search for it in System Preferences.
The new update removes special software that video conferencing apps installed on Macs. In fact, it is a local web server for incoming calls, which allowed unauthorized access to data from the webcam, for example, by clicking on a seemingly harmless link on the web. In addition, the incriminated video conference applications implemented this tool as a bypass of some macOS security measures, or Safari 12. Probably the most dangerous thing about the whole thing was that the web server remained on the device even after deleting the applications.
After yesterday's update, this webserver should be down and the system should remove it by itself. However, whether it is a complete removal of the threat remains to be seen.
Source: Macrumors
