Zoom client for mac

broken image
broken image

This is not strictly malicious but very shady and definitely leaves a bitter aftertaste. In a clear case of “good apps behaving badly”, I noted in my original Twitter post that Zoom’s Mac app installer uses pre-installation scripts and displays a password dialog pretending to be an OS prompt.Įver wondered how the macOS installer does it’s job without you ever clicking install? Turns out they (ab)use preinstallation scripts, manually unpack the app using a bundled 7zip and install it to /Applications if the current user is in the admin group (no root needed). Our own team is no exception, so it came as a surprise that the widely-used application installs itself on Macs by working around Apple’s regular security, demonstrating behavior commonly associated with malware. It seems like overnight half the world switched to working from home and depending on Zoom for daily human interaction. This post was updated on Apto reflect Zoom’s response.