Zoom, a popular video-conferencing application, is in hot water today. The Mac version runs a secret web server in the background—even after you uninstall it!—that can be used to reinstall Zoom and even turn on your video camera.
If you’re wondering whether you’re affected—maybe you’re not sure if someone has ever installed Zoom on your Mac and then uninstalled it—here’s how to check.
To see whether you have the main Zoom app currently installed, open the Finder app, select Applications, and look for “zoom.us” in the list. If you have this app installed, you almost certainly have the web server running.
But, even if you don’t have the app here, the web server will still be running in the background if you’ve ever installed and then uninstalled Zoom.
To check whether the server is running, open a Terminal window. To do so, press Command+Space to open Spotlight search, type “Terminal,” and press Enter. You can also head to Finder > Applications > Utilities > Terminal.
To discover whether the web server is running, type the following command and press Enter:
If you see a “ZoomOpene” process running, the web server is running in the background. If you don’t, it’s not.
If you do see Zoom’s web server running and you want to remove Zoom completely from your system, run the following commands.
These assume that you’ve uninstalled the Zoom app from your Applications folder first. If you haven’t, a Zoom update will likely re-enable the web server.
if you’d like to keep Zoom installed, Lifehacker‘s quick guide points out you should enable the “Turn off my video when joining a meeting” option for safety. Jonathan Leitschuh’s original disclosure provides more information about the problem.
Browser-based video conferencing apps may be a better solution in the future—if you’re just using an application in a browser with no software installation, it can’t do shady things like this to your Mac or PC.
— SwiftOnSecurity (@SwiftOnSecurity) July 9, 2019
