Thursday 2 April 2020 1:01 pm

Zoom vows to fix security issues as daily user numbers surge to 200m

Zoom has vowed to focus its resources on fixing a string of security issues as the video conferencing app reported a surge in user numbers during the coronavirus crisis.

The popular video service has faced fierce scrutiny over its security and practices in recent weeks after a number of bugs were exposed.

Read more: Zoom under scrutiny as popularity skyrockets during coronavirus crisis

The company today said it will take a number of measures to address the problems, including freezing the rollout of additional features and conducting a full third-party review of its security measures.

It comes as Zoom faces a huge rise in its demand as millions of people turn to video apps to conduct business meetings and socialise.

In March the app racked up more than 200m daily users — up from roughly 10m in December last year.

This includes more than 90,000 schools in 20 countries that are using the service for remote education.

In a blog post chief executive Eric Yuan said he recognised that Zoom had fallen short of expectations for privacy and security. 

“We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socialising from home,” he wrote.

“We now have a much broader set of users who are utilising our product in a myriad of unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived.”

Yesterday a former NSA hacker exposed bugs that could allow hackers to take over a Zoom user’s microphone and webcam.

Another recently-exposed bug meant attackers could use the app to steal Windows login details from other users.

Read more: Zoom bug allows hackers to take over webcam and microphone

Zoom said it will expand its existing bug bounty programme — a scheme that offers cash rewards to cybersecurity experts and hackers who identify flaws in the company’s software.

From next week Yuan will also host a weekly webinar to provide security and privacy updates to users.