Zoom Security Updates: What’s Occurred, Been Fixed & What you can do

In light of recent events, we wanted to post updates surrounding the popular conferencing app Zoom. The app has gained major popularity amidst this remote climate, however, all that growth comes with a cost. There have been multiple security concerns brought up & we wanted to do our best to summarize what has occurred & has been fixed. Additionally providing some additional tips to help stay secure going forward.

Major Events Timeline:

May 26th- Motherboard Investigation reveals Zoom’s iOS App had been sending data from users to Facebook. Data such as device model, OS, and specs however not personal info.

March 27th- Zoom patches iOS App to shut down sending of data to Facebook

A day later Zoom acknowledged the “feature” & sent out an update to prevent this going forward

March 30th- FBI Issues warning around “Zoom-bombing” & Bugs Galore

After rampant reports of users having their meeting hijacked by external parties, the FBI issued a public warning to users of Zoom to ensure their meetings aren’t left public or share links to said meeting to the public alongside other tips we’ll list below.

Around the same time, multiple bugs were brought public such as the Mac OS installer bug which revealed that Zoom had been using a technique to install the app on user’s macs before they even clicked “install” more about that here. Other bugs included the fact end to end encryption wasn’t used as promised by Zoom, hacks discovered that allowed zoom user microphone & webcam access.

April 1st-4th CEO Addresses Issues (multiple times)

Zoom CEO Eric Yuan published this blog post addressing the aforementioned bugs & reports. Announcing all feature updates would be put on pause to address all security concerns over the next 90 days. Apologizing multiple times following that as more bugs came to light.

“I really messed up as CEO, and we need to win their trust back. This kind of thing shouldn’t have happened”

What Zoom is doing/has done:

  • Frozen all feature update for 90 days to focus on security

  • Enhanced bug bounty program & hired third party firms to help ensure security is up to par

  • Updated iOS app to patch data that was being sent to Facebook

  • Re-wrote their Privacy Policy

  • The Pre-installer has been patched so the user to manually prompt to install the software

What you can do?

That all said as Zoom continues to work on fixing its issue what can you as a user do to stay safe on the platform?

Prevent Zoombombs


Screen Shot 2020-04-07 at 4.41.59 PM.png

Restrictions

  • Go to your Zoom Settings & you have the option to disable screen sharing other than you the host. Click on “In A Meeting (Basic) then Screen sharing.


Screen Shot 2020-04-07 at 4.42.13 PM.png

If you’re still concerned about using the Zoom platform as always there are multiple platforms you can consider using such as Google Meet, Slack, Lifesize & much more. We at Network Right value our customer privacy & security & thus want to keep them up to date on the latest happenings on the software they & their teams may be using. Following the above will help you stay safe & ensure your following best practices amidst all of these concerns.

Let's get started

Ready for streamlined IT solutions tailored by Network Right? Let’s begin this journey together.

learn more

How to: Opt Out of Slack’s AI Training Program

Slack started to introduce “AI” capabilities into Slack on February 14, 2024 and they suggested...

Proactive Threat Detection and Response: How Managed XDR and SOC Services Keep Your Business Secure

In today’s digital age, businesses are constantly exposed to evolving cyber threats that can jeopardize...

Advantages of Managed XDR and SOC Services for Round-the-Clock Infrastructure Monitoring

If you have ever attempted to, you’d know that 24/7 extended detection and response (XDR)...