Apple has quietly issued an update to fix the weakness in Mac video-conferencing app Zoom that could let hackers take over the camera on your Mac.
Security researcher Jonathan Leitschuh revealed this week that Zoom makes it possible for websites to add you to a call by activating your webcam without permission.
Although Zoom has released a full fix for the problem, Apple has also issued a silent update that installs automatically, reports TechCrunch.
The worrying security flaw was not stopped by uninstalling the app either as the web server, where the vulnerability was found, was not removed during this process.
Many users may not even be aware the problem exists as they have already uninstalled the app.
Scroll down for video
Apple has issued an update that removes a hidden web server installed by a video-conferencing app that could let hackers take over the camera on your Mac (file photo)
Zoom issued a patch on Tuesday that will fix the bug and allow users to manually uninstall Zoom.
'We’re adding a new option to the Zoom menu bar that will allow users to manually and completely uninstall the Zoom client, including the local web server,' the company said.
'Once the patch is deployed, a new menu option will appear that says, “Uninstall Zoom.”
'By clicking that button, Zoom will be completely removed from the user’s device along with the user’s saved settings.'
On Tuesday, Zoom said it was releasing an update that will remove the local web server to secure the system and do away with the use of the web servers moving forward. It will also make it easier for users to uninstall the program altogether.
Mr Leitschuh revealed that the vulnerability on the Zoom app comes from the feature which allows you to send anyone a meeting link and when they open that link in their browser their Zoom client open automatically on their local machine.
The researcher says he contacted Zoom on March 26, giving the company a public disclosure deadline of 90 days.
He demonstrated that any website can open up a video-enabled call on a Mac with the Zoom app installed.
That's possible in part because the Zoom app apparently installs a web server on Macs that accepts requests regular browsers wouldn't, the post said.
According to the Verge, uninstalling the Zoom app from your Mac isn't enough to fix the problem, either.