If you’re a Mac user, you may be wondering how to tell if Zoom is running a secret web server on your computer. The answer is not difficult, but it’s worth taking the time to do so. To start, open Safari and type “zoom” into the address bar. If Zoom is not currently open, it will open automatically. If Zoom is open, you will see a web page that looks like this: If Zoom is running a secret web server on your computer, you will see this web page instead of the one shown above. To remove the secret web server from Zoom, follow these steps:
- Open Safari and type “zoom” into the address bar again.
- If Zoom is not currently open, it will open automatically. If Zoom is open, you will see a web page that looks like this:
- Click on the “X” in the top left corner of the screen to close it.
- Type “compose” into the address bar and hit enter. This will create a new document in Safari that has no tabs or windows and has only one tab called “Zoom.” This document will be named “Zoom_secret_server.”
Zoom, a popular video-conferencing application, is in hot water today. The Mac version runs a secret web server in the background—even after you uninstall it!—that can be used to reinstall Zoom and even turn on your video camera.
If you’re wondering whether you’re affected—maybe you’re not sure if someone has ever installed Zoom on your Mac and then uninstalled it—here’s how to check.
To see whether you have the main Zoom app currently installed, open the Finder app, select Applications, and look for “zoom.us” in the list. If you have this app installed, you almost certainly have the web server running.
But, even if you don’t have the app here, the web server will still be running in the background if you’ve ever installed and then uninstalled Zoom.
To check whether the server is running, open a Terminal window. To do so, press Command+Space to open Spotlight search, type “Terminal,” and press Enter. You can also head to Finder > Applications > Utilities > Terminal.
To discover whether the web server is running, type the following command and press Enter:
If you see a “ZoomOpene” process running, the web server is running in the background. If you don’t, it’s not.
If you do see Zoom’s web server running and you want to remove Zoom completely from your system, run the following commands.
These assume that you’ve uninstalled the Zoom app from your Applications folder first. If you haven’t, a Zoom update will likely re-enable the web server.
if you’d like to keep Zoom installed, Lifehacker‘s quick guide points out you should enable the “Turn off my video when joining a meeting” option for safety. Jonathan Leitschuh’s original disclosure provides more information about the problem.
Browser-based video conferencing apps may be a better solution in the future—if you’re just using an application in a browser with no software installation, it can’t do shady things like this to your Mac or PC.
— SwiftOnSecurity (@SwiftOnSecurity) July 9, 2019