Hacker News new | past | comments | ask | show | jobs | submit login

In the news segment of this week's episode of Risky Business[0], one of the hosts mentions (starting around 3:40) he has some information that there was an RCE disclosed to Zoom back "some months ago". He further says that @Jlleitschuh (the person reporting the web server issue earlier this week) got 90% of the way to finding it. So...yeah, speculation only, but maybe Apple became aware of this and dropped the hammer.

[0]: https://www.risky.biz/RB547/

They also discuss a case, where a user uninstalls Zoom, but does not remove the web server, remaining forever vulnerable, because the fix from Zoom will not reach them. That explains the Apple involvement.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact