Hacker News new | past | comments | ask | show | jobs | submit login

In the news segment of this week's episode of Risky Business[0], one of the hosts mentions (starting around 3:40) he has some information that there was an RCE disclosed to Zoom back "some months ago". He further says that @Jlleitschuh (the person reporting the web server issue earlier this week) got 90% of the way to finding it. So...yeah, speculation only, but maybe Apple became aware of this and dropped the hammer.

[0]: https://www.risky.biz/RB547/

They also discuss a case, where a user uninstalls Zoom, but does not remove the web server, remaining forever vulnerable, because the fix from Zoom will not reach them. That explains the Apple involvement.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact