Skip to main content
  1. Home
  2. Computing
  3. News

Zoom’s one-click installation on Mac was always too good to be true

By

With so many people stuck at home due to the coronavirus pandemic, videoconferencing app Zoom has become immensely popular.

For many people (ourselves included), its best feature on the Mac was its incredibly simple one-click installation. Now, that’s gone. And while that’s a good thing for us, it’s not great for Zoom.

Recommended Videos

The prerequirement script

As it turns out, Zoom was doing something rather shady during the installation process. As documented by Felix Seele, technical lead at tech security firm VMRay, Zoom’s installer was abusing the MacOS installation process to bypass user consent. In some cases, it was even masquerading as the operating system in order to trick the user. It’s not the first time Zoom has been caught doing something dubious, and comes hot on the heels of news that Zoom’s privacy policy is highly questionable, which led to the company freezing development until it can sort itself out.

Here’s how the MacOS installation process normally works. You download the installer file — usually a DMG or PKG file — and double-click it to get started. In many cases, you’ll go straight to the installer, which presents a few pages giving you various installation options. Sometimes, though, you’ll see a dialog box explaining that the installer needs to determine if the app can run on your system. This is called a “prerequirement script.” Once it’s finished, the regular installation process begins.

Ever wondered how the @zoom_us macOS installer does it’s job without you ever clicking install? Turns out they (ab)use preinstallation scripts, manually unpack the app using a bundled 7zip and install it to /Applications if the current user is in the admin group (no root needed). pic.twitter.com/qgQ1XdU11M

— Felix (@c1truz_) March 30, 2020

Zoom’s installer abused this prerequirement script to bypass the regular installation process — and your consent. When Zoom told you it was running a prerequirement script and doing a few tests, it was actually installing the app without your knowledge. That’s what made the whole process so quick.

As Seele pointed out on Twitter, while this behavior is “not strictly malicious,” it is “very shady and definitely leaves a bitter aftertaste.” Apps that try to circumvent Apple’s processes and bypass user consent don’t exactly inspire confidence, after all.

But wait, there’s more

Zoom would adopt this shifty approach if it detected that you did not already have Zoom installed on your Mac. But if you did have it installed but didn’t have appropriate permissions to update it (say, if your Mac is part of your employer’s network and so has certain restrictions), Zoom would do something downright suspicious.

As Seele noted, in this situation, Zoom would launch something called “zoomAutenticationTool” (complete with typo), which was bundled into the PKG installer. This would spawn a prompt asking for the admin username and password.

However, not only did this make use of a deprecated (and notorious) API that was often abused to grant root privileges, but it did so by impersonating MacOS itself. Instead of being honest and telling the user that Zoom needed the admin password, the popup message would read: “System need your privilege to change” (again, with typos). The intention, apparently, was to trick the user into thinking their computer was asking for the password.

Needless to say, this is not exactly upright behavior. As Seele pointed out, it’s a tactic used by malware to fool people into installing things they shouldn’t. After he exposed these underhanded measures, Zoom apparently moved quickly to remove them. Try installing Zoom on a Mac now and you get the regular installation process.

On Windows? Zoom still has that one-click installer. While that’s great for convenience, given the debacle on Mac, we can’t help but wonder how long that will last.

Editors' Recommendations

Topics
Alex Blake
Alex Blake
Computing Writer
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
Does your Mac need antivirus software in 2024? We asked the experts
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

It’s an age-old question among Apple fans: Does your Mac need antivirus software? Traditionally, the popular answer has been no -- Macs have strong built-in protections, the argument goes, and antivirus apps can potentially slow down your computer. In the end, the trade-off didn’t seem to be worth it.

But is that still true today? After all, Macs are increasingly becoming a target of cybercriminals, with some Mac malware strains supposedly even being created by nation states. In that kind of situation, has the game changed?

Read more
These 6 tweaks take MacBooks from great to nearly perfect
The MacBook Air on a white table.

I love getting a new MacBook. The slow-opening box, the fresh install of macOS, even the enchanting new Mac smell (which people have been rhapsodizing about for decades) -- it’s all part of the experience.

But you know what? MacBooks don't arrive perfect out of the box. There are a few things that I always have to adjust, regardless of how powerful the laptop is. From changing the default apps to unlocking a few hidden extras, here are the first six things to do with your new MacBook before putting it to work.
Unlock some trackpad tricks

Read more
Don’t download the latest macOS Ventura update just yet
The 14-inch MacBook Pro with M3 Max chip seen from behind.

We have a warning if your MacBook or other Mac machine is still running macOS Ventura. The latest macOS Ventura 13.6.6 update is bringing a lot of big bugs, and it is affecting the way that people are using their favorite Apple products, so you might want to hold off on downloading the update.

Originally released back on March 25, this problematic update came at the same time as macOS Sonoma 14.4.1, which patched issues with Java, USB hubs, and more. Unfortunately, though, macOS Ventura 13.6.6 is introducing some new issues of its own. Spotted by the folks at GottaBeMobile, Mac users have taken to Apple's support forums to complain of everyday issues linked to this release that are breaking their Macs.

Read more