Yesterday, a security researcher disclosed two related security vulnerabilities in Zoom’s macOS desktop client, which together allowed an attacker to force a user to join a Zoom meeting with video enabled.
Zoom released a patch that addresses the first vulnerability by removing the local web server entirely. It also announced a second update (slated for later this month) that will address the second vulnerability by asking first-time users to choose whether video is enabled automatically when joining a meeting. Existing Zoom users will not be prompted, and will need to disable auto-joining meetings with video manually in Zoom’s app preferences.
When it comes to incidents like these, it’s understandable if you’re worried about the safety of your fleet. If you use Fleetsmith however, you don’t need to do anything to keep your fleet protected.
Why? One of the biggest benefits of Fleetsmith is that any apps you’ve chosen to manage are not only installed automatically, but also updated automatically in the background, without user disruption, as long as you’re using Fleetsmith. This level of patch automation is something only Fleetsmith offers—other device management solutions don’t provide the same protection.
In this case, if you’re managing Zoom with Fleetsmith, the next time your employees open the application, they’ll already be running the latest patched version. And if any of your employees have the Zoom application open and running, you can make sure that even they are upgraded to the latest version by setting an enforcement with Fleetsmith. Zoom’s second July update will also be automatically installed by Fleetsmith once it’s available on devices where Zoom is being managed.
We built Fleetsmith to help you keep your fleet secure automatically, with as little work as possible for you. So rest assured—we’ve got your back when it comes to security incidents like these. If you have any additional questions, feel free to reach out to us at firstname.lastname@example.org.