Please visit our Wednesday, July 10 blog post for more recent updates on this matter.
[UPDATE 2:35 pm PT, Tuesday 7/9]
The July 9 patch to the Zoom app on Mac devices detailed below is now live. You may see a pop-up in Zoom to update your client, download it at zoom.us/download
, or check for updates by opening your Zoom app window, clicking zoom.us in the top left corner of your screen, and then clicking Check for Updates.
[UPDATED 1:15 pm PT, Tuesday 7/9]
We appreciate the hard work of the security researcher in identifying security concerns on our platform. As a result, we have decided to make the updates to our service. Here are details surrounding tonight’s planned Zoom patch and our scheduled July release this weekend:
JULY 9 PATCH:
The patch planned for tonight (July 9) at or before 12:00 AM PT will do the following: 1. Remove the local web server entirely, once the Zoom client has been updated
- We are stopping the use of a local web server on Mac devices. Once the patch is deployed, Mac users will be prompted in the Zoom user interface (UI) to update their client. Once the update is complete, the local web server will be completely removed on that device. 2. Allow users to manually uninstall Zoom
- We’re adding a new option to the Zoom menu bar that will allow users to manually and completely uninstall the Zoom client, including the local web server. Once the patch is deployed, a new menu option will appear that says, “Uninstall Zoom.” By clicking that button, Zoom will be completely removed from the user’s device along with the user’s saved settings.
PLANNED JULY RELEASE:
Additionally, we have a planned release this weekend (July 12) that will address another security concern: video on by default. With this release: 1. First-time users who select the “Always turn off my video” box will automatically have their video preference saved.
The selection will automatically be applied to the user’s Zoom client settings and their video will be OFF by default for all future meetings. 2. Returning users can update their video preferences and make video OFF by default at any time through the Zoom client settings.
[UPDATED 11:05 am PT, Tuesday 7/9]
To be clear, Zoom honors the user's video settings. If the user has checked the video OFF option in their user setting, the host or any other participant cannot override the user's video preferences. There is only one scenario where a Zoom user’s video is automatically enabled upon joining a meeting. Two conditions must be met: 1) The meeting creator (host) has set their participants’ video to be on AND 2) The user has not checked the box to turn their video off.
[UPDATED 8:20 am PT, Tuesday 7/9]
We do not currently have an easy way to help a user delete both the Zoom client and also the Zoom local web server app on Mac that launches our client. The user needs to manually locate and delete those two apps for now. This was an honest oversight. As such, by this weekend we will introduce a new Uninstaller App for Mac to help the user easily delete both apps.