A number of security issues have been discovered with Zoom over the last week. The service has seen a massive rise in its user base due to the COVID-19 pandemic which has also led to it being put through intense scrutiny. To address all these security lapses, Zoom has announced that over the next 90 days, it will find and address all security issues with the service.
During this time period, the company will be enacting a feature freeze meaning it won’t be adding new features to Zoom and shift the focus of all its engineers towards improving the security. It will also be conducting a comprehensive security audit with third-party experts, enhance its existing bug bounty program, and prepare a transparency record for information related to data requests or content. Zoom will be engaging in a series of white box penetration tests to further identify security issues with its service.
Zoom’s founder and CEO Eric Yuan will be holding weekly webinars to provide security and privacy updates to the Zoom community. The company has already acknowledged and apologized for the confusion caused by not using end-to-end encryption for calls contrary to its claims. It has also removed the attendee attention tracker features, fixed all the reported security issues with its Mac app, and resolved other issues with its platform as well.
In its announcement today, Zoom’s CEO has also highlighted how the service has grown dramatically in just a few months. In December last year, Zoom was being used to conduct around 10 million meetings daily. That number crossed the 200 million mark in March this year. The service was never envisioned to scale this rapidly and it has taken a lot of effort on the part of the company to ensure it is able to cater to all its customers during this time of the pandemic.[Via Zoom]