<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p>HI Marita,</p>
    <p>I just wrote a note to the Executive leaders of the NCSG as
      listed on the website asking them to join with us and speak as one
      voice</p>
    <p>Judith<br>
    </p>
    <pre class="moz-signature" cols="80">_________________________________________________________________________
Judith Hellerstein, Founder & CEO
Hellerstein & Associates
3001 Veazey Terrace NW, Washington DC 20008
Phone: (202) 362-5139  Skype ID: judithhellerstein
Mobile/Whats app: +1202-333-6517
E-mail: <a class="moz-txt-link-abbreviated" href="mailto:Judith@jhellerstein.com">Judith@jhellerstein.com</a>   Website: <a class="moz-txt-link-abbreviated" href="http://www.jhellerstein.com">www.jhellerstein.com</a>
Linked In: <a class="moz-txt-link-abbreviated" href="http://www.linkedin.com/in/jhellerstein/">www.linkedin.com/in/jhellerstein/</a>
Opening Telecom & Technology Opportunities Worldwide

</pre>
    <div class="moz-cite-prefix">On 7/11/2019 9:51 AM, Marita Moll
      wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:295f65d6-1b18-e78e-d4c1-2a74429b08bc@ca.inter.net">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      <p><font size="+1">Well, Judith, I can make the suggestion -- or
          maybe it should come from a member of the TTF.</font></p>
      <p><font size="+1">Marita<br>
        </font></p>
      <p><br>
      </p>
      <div class="moz-cite-prefix">On 7/11/2019 9:46 AM, Judith
        Hellerstein wrote:<br>
      </div>
      <blockquote type="cite"
        cite="mid:26cde541-29bc-ac7e-2ca2-0eedd42c7e74@jhellerstein.com">
        <meta http-equiv="Content-Type" content="text/html;
          charset=UTF-8">
        <p>HI Marita,</p>
        <p>Why not have NCSG join the TTF.  We are open to all.  We have
          prepared a sheet like they are asking and have shared it with
          the IT staff who thought it was very helpful.  What would be
          better is NCSG sent reps or joined the TTF than we could all
          speak with once voice.  </p>
        <p>Best,</p>
        <p>Judith<br>
        </p>
        <pre class="moz-signature" cols="80">_________________________________________________________________________
Judith Hellerstein, Founder & CEO
Hellerstein & Associates
3001 Veazey Terrace NW, Washington DC 20008
Phone: (202) 362-5139  Skype ID: judithhellerstein
Mobile/Whats app: +1202-333-6517
E-mail: <a class="moz-txt-link-abbreviated" href="mailto:Judith@jhellerstein.com" moz-do-not-send="true">Judith@jhellerstein.com</a>   Website: <a class="moz-txt-link-abbreviated" href="http://www.jhellerstein.com" moz-do-not-send="true">www.jhellerstein.com</a>
Linked In: <a class="moz-txt-link-abbreviated" href="http://www.linkedin.com/in/jhellerstein/" moz-do-not-send="true">www.linkedin.com/in/jhellerstein/</a>
Opening Telecom & Technology Opportunities Worldwide

</pre>
        <div class="moz-cite-prefix">On 7/11/2019 9:42 AM, Marita Moll
          wrote:<br>
        </div>
        <blockquote type="cite"
          cite="mid:0643b995-5eed-7885-b845-bb0393a1ce90@ca.inter.net">
          <meta http-equiv="Content-Type" content="text/html;
            charset=UTF-8">
          <p><font size="+1" face="Times New Roman, Times, serif">Thanks
              Judith, for this background. </font><font size="+1"
              face="Times New Roman, Times, serif">But what I am asking
              is whether there is any appetite in At-large to join in
              the suggestion below clipped from a discussion on the NCSG
              list. </font><font size="+1" face="Times New Roman,
              Times, serif"><font size="+1" face="Times New Roman,
                Times, serif"><font size="+1" face="Times New Roman,
                  Times, serif"> I get it that the TTF already has
                  covered some of this </font></font>but I think
              formalizing the arrangement as suggested below would be
              good cooperative gesture and I definitely think there
              should be a tender. <br>
            </font></p>
          <p><font size="+1" face="Times New Roman, Times, serif">Here
              is the proposal from the NCSG list that I would like to
              see us consider:<br>
            </font></p>
          <div id="bloop_customfont"
            style="font-family:Helvetica,Arial;font-size:13px; color:
            rgba(0,0,0,1.0); margin: 0px; line-height: auto;"><font
              size="+1">"Then, a recommendation to Chairs of ACs and
              SOs: ICANN Board and CEO could be requested to set up a
              specifications sheet for a desirable conferencing tool,
              based on needs expressed by the multi-stakeholder
              community, and publish that as a tender. Offers received
              could then be reviewed not only by Staff, but in
              consultation with ACs and SOs."</font></div>
          <font size="+1"> </font>
          <div id="bloop_customfont"
            style="font-family:Helvetica,Arial;font-size:13px; color:
            rgba(0,0,0,1.0); margin: 0px; line-height: auto;"><br>
          </div>
          <div style="font-family:Helvetica,Arial;font-size:13px; color:
            rgba(0,0,0,1.0); margin: 0px; line-height: auto;"><font
              size="+1">Marita</font><br>
          </div>
          <p><font face="Times New Roman, Times, serif"> </font></p>
          <div class="moz-cite-prefix">On 7/10/2019 10:05 AM, Judith
            Hellerstein wrote:<br>
          </div>
          <blockquote type="cite"
            cite="mid:91a07500-b502-f8d2-2a9b-0a9decffba36@jhellerstein.com">
            <meta http-equiv="Content-Type" content="text/html;
              charset=UTF-8">
            <p>HI Marita,</p>
            <p>Yes the TTF had discussed zoom and others technology
              platforms with the ICANN Meetings team and also had sent
              them our comparison sheet of items that we need to see and
              what we hope to see in a new web meetings software. We
              were actively involved early on in the process. We then
              had a follow up call later on with questions regarding
              Zoom with the ICANN Meetings team. We can discuss this
              vulnerability at the next TTF meeting. We work Closely
              with Mark Seagal from ICANN IT who is our designated
              Liaison and also with Sara Caplis of the ICANN Meetings
              team who is the lead person on Zoom and other related
              software used<br>
            </p>
            <p>Best,</p>
            <p>Judith<br>
            </p>
            <pre class="moz-signature" cols="80">_________________________________________________________________________
Judith Hellerstein, Founder & CEO
Hellerstein & Associates
3001 Veazey Terrace NW, Washington DC 20008
Phone: (202) 362-5139  Skype ID: judithhellerstein
Mobile/Whats app: +1202-333-6517
E-mail: <a class="moz-txt-link-abbreviated" href="mailto:Judith@jhellerstein.com" moz-do-not-send="true">Judith@jhellerstein.com</a>   Website: <a class="moz-txt-link-abbreviated" href="http://www.jhellerstein.com" moz-do-not-send="true">www.jhellerstein.com</a>
Linked In: <a class="moz-txt-link-abbreviated" href="http://www.linkedin.com/in/jhellerstein/" moz-do-not-send="true">www.linkedin.com/in/jhellerstein/</a>
Opening Telecom & Technology Opportunities Worldwide

</pre>
            <div class="moz-cite-prefix">On 7/10/2019 3:00 PM, Marita
              Moll wrote:<br>
            </div>
            <blockquote type="cite"
              cite="mid:d8dd3455-6163-9310-a755-86fdf1ae39a8@ca.inter.net">
              <meta http-equiv="content-type" content="text/html;
                charset=UTF-8">
              <p><font size="+1" face="Times New Roman, Times, serif">Hello
                  all. I did bring up issues around the Zoom platform in
                  early June and I have not yet had a chance to take the
                  issues I see with the platform any further. But there
                  is a robust discussion going on at NCSG with the idea
                  below re: a joint recommendation from SO's/AC's for
                  community input into the choices that are made about
                  platform changes that affect us so profoundly. Perhaps
                  we should indicate our support for this sort of action
                  -- through our technology task force.</font></p>
              <p><font size="+1" face="Times New Roman, Times, serif">Marita</font><br>
              </p>
              <div class="moz-forward-container"><br>
                <br>
                -------- Forwarded Message --------
                <table class="moz-email-headers-table" cellspacing="0"
                  cellpadding="0" border="0">
                  <tbody>
                    <tr>
                      <th valign="BASELINE" nowrap="nowrap"
                        align="RIGHT">Subject: </th>
                      <td>Re: Zoom Structural Vulnerability Discovered</td>
                    </tr>
                    <tr>
                      <th valign="BASELINE" nowrap="nowrap"
                        align="RIGHT">Date: </th>
                      <td>Wed, 10 Jul 2019 15:21:51 +0200</td>
                    </tr>
                    <tr>
                      <th valign="BASELINE" nowrap="nowrap"
                        align="RIGHT">From: </th>
                      <td>Jean-Jacques Subrenat <a
                          class="moz-txt-link-rfc2396E"
                          href="mailto:jjs@DYALOG.NET"
                          moz-do-not-send="true"><jjs@DYALOG.NET></a></td>
                    </tr>
                    <tr>
                      <th valign="BASELINE" nowrap="nowrap"
                        align="RIGHT">Reply-To: </th>
                      <td>Jean-Jacques Subrenat <a
                          class="moz-txt-link-rfc2396E"
                          href="mailto:jjs@DYALOG.NET"
                          moz-do-not-send="true"><jjs@DYALOG.NET></a></td>
                    </tr>
                    <tr>
                      <th valign="BASELINE" nowrap="nowrap"
                        align="RIGHT">To: </th>
                      <td><a class="moz-txt-link-abbreviated"
                          href="mailto:NCSG-DISCUSS@LISTSERV.SYR.EDU"
                          moz-do-not-send="true">NCSG-DISCUSS@LISTSERV.SYR.EDU</a></td>
                    </tr>
                  </tbody>
                </table>
                <br>
                <br>
                <style>body{font-family:Helvetica,Arial;font-size:13px}</style>
                <div id="bloop_customfont"
                  style="font-family:Helvetica,Arial;font-size:13px;
                  color: rgba(0,0,0,1.0); margin: 0px; line-height:
                  auto;">First, a remark: for Adobe, Zoom or other tool
                  providers, ICANN may not be the single largest client,
                  but it is certainly a significant one owing to its
                  nature (quasi-regulatory, multi-stakeholder, some
                  parts geared to non-commercial users).</div>
                <div id="bloop_customfont"
                  style="font-family:Helvetica,Arial;font-size:13px;
                  color: rgba(0,0,0,1.0); margin: 0px; line-height:
                  auto;"><br>
                </div>
                <div id="bloop_customfont"
                  style="font-family:Helvetica,Arial;font-size:13px;
                  color: rgba(0,0,0,1.0); margin: 0px; line-height:
                  auto;">Then, a recommendation to Chairs of ACs and
                  SOs: ICANN Board and CEO could be requested to set up
                  a specifications sheet for a desirable conferencing
                  tool, based on needs expressed by the
                  multi-stakeholder community, and publish that as a
                  tender. Offers received could then be reviewed not
                  only by Staff, but in consultation with ACs and SOs.</div>
                <div id="bloop_customfont"
                  style="font-family:Helvetica,Arial;font-size:13px;
                  color: rgba(0,0,0,1.0); margin: 0px; line-height:
                  auto;"><br>
                </div>
                <div id="bloop_customfont"
                  style="font-family:Helvetica,Arial;font-size:13px;
                  color: rgba(0,0,0,1.0); margin: 0px; line-height:
                  auto;">This would get us closer to what we,
                  collectively, consider as the appropriate tool for the
                  numerous conference calls held throughout ICANN.</div>
                <div id="bloop_customfont"
                  style="font-family:Helvetica,Arial;font-size:13px;
                  color: rgba(0,0,0,1.0); margin: 0px; line-height:
                  auto;"><br>
                </div>
                <div id="bloop_customfont"
                  style="font-family:Helvetica,Arial;font-size:13px;
                  color: rgba(0,0,0,1.0); margin: 0px; line-height:
                  auto;">Jean-Jacques Subrenat.</div>
                <br>
                <br>
                <p class="airmail_on">Le 10 juillet 2019 à 14:46:20,
                  Paul Rosenzweig (<a
                    href="mailto:paul.rosenzweig@redbranchconsulting.com"
                    moz-do-not-send="true">paul.rosenzweig@redbranchconsulting.com</a>)
                  a écrit:</p>
                <blockquote type="cite" class="clean_bq"><span>
                    <div link="blue" vlink="purple" lang="EN-US">
                      <div><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
                        <div class="WordSection1">
                          <p class="MsoNormal">This is assuredly right. 
                            The change from Adobe to Zoom may, or may
                            not, have been right for ICANN and for this
                            group for any number of reasons ranging from
                            cost, to security, to scalability and
                            utility.  But let’s not romanticize Adobe. 
                            They are not a terribly secure platform
                            generically.  As James said, the Zoom
                            response is poor – but we can’t hang that
                            around the neck of ICANN org.  <o:p></o:p></p>
                          <p class="MsoNormal"><o:p> </o:p></p>
                          <p class="MsoNormal">P<o:p></o:p></p>
                          <p class="MsoNormal"><o:p> </o:p></p>
                          <div>
                            <p class="MsoNormal">Paul Rosenzweig<o:p></o:p></p>
                            <p class="MsoNormal"><a
                                href="mailto:paul.rosenzweig@redbranchconsulting.com"
                                moz-do-not-send="true"><span
                                  style="color:#0563C1">paul.rosenzweig@redbranchconsulting.com</span></a><o:p></o:p></p>
                            <p class="MsoNormal">O: +1 (202) 547-0660<o:p></o:p></p>
                            <p class="MsoNormal">M: +1 (202) 329-9650<o:p></o:p></p>
                            <p class="MsoNormal">VOIP: +1 (202) 738-1739<o:p></o:p></p>
                            <p class="MsoNormal"><a
                                href="http://www.redbranchconsulting.com/"
                                moz-do-not-send="true"><span
                                  style="color:#0563C1">www.redbranchconsulting.com</span></a><o:p></o:p></p>
                            <p class="MsoNormal">My PGP Key: <a
href="https://keys.mailvelope.com/pks/lookup?op=get&search=0x9A830097CA066684"
                                moz-do-not-send="true"><span
                                  style="color:#0563C1">https://keys.mailvelope.com/pks/lookup?op=get&search=0x9A830097CA066684</span></a><o:p></o:p></p>
                            <p class="MsoNormal"><o:p> </o:p></p>
                          </div>
                          <p class="MsoNormal"><o:p> </o:p></p>
                          <div>
                            <div style="border:none;border-top:solid
                              #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
                              <p class="MsoNormal"><b>From:</b>
                                NCSG-Discuss <a
                                  class="moz-txt-link-rfc2396E"
                                  href="mailto:NCSG-DISCUSS@LISTSERV.SYR.EDU"
                                  moz-do-not-send="true"><NCSG-DISCUSS@LISTSERV.SYR.EDU></a>
                                <b>On Behalf Of </b>James Gannon<br>
                                <b>Sent:</b> Wednesday, July 10, 2019
                                12:52 AM<br>
                                <b>To:</b> <a
                                  class="moz-txt-link-abbreviated"
                                  href="mailto:NCSG-DISCUSS@LISTSERV.SYR.EDU"
                                  moz-do-not-send="true">NCSG-DISCUSS@LISTSERV.SYR.EDU</a><br>
                                <b>Subject:</b> Re: Zoom Structural
                                Vulnerability Discovered<o:p></o:p></p>
                            </div>
                          </div>
                          <p class="MsoNormal"><o:p> </o:p></p>
                          <p class="MsoNormal">Just want to call out
                            that Adobe has likely the worst reputation
                            in the entire tech industry when it comes to
                            security, I really would not hold them out
                            as either prompt or without serious issues
                            (I believe they still hold the record for
                            number of CVSS 9+ vulns).<o:p></o:p></p>
                          <p class="MsoNormal">Zooms response is poor I
                            agree, but on a data driven comparison it is
                            a far more secure platform.<o:p></o:p></p>
                          <p class="MsoNormal"><o:p> </o:p></p>
                          <div style="border:none;border-top:solid
                            #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
                            <p class="MsoNormal"><b><span
                                  style="font-size:12.0pt;color:black">From:
                                </span></b><span
                                style="font-size:12.0pt;color:black">NCSG-Discuss
                                <<a
                                  href="mailto:NCSG-DISCUSS@LISTSERV.SYR.EDU"
                                  moz-do-not-send="true">NCSG-DISCUSS@LISTSERV.SYR.EDU</a>>
                                on behalf of Ayden Férdeline <<a
                                  href="mailto:icann@FERDELINE.COM"
                                  moz-do-not-send="true">icann@FERDELINE.COM</a>><br>
                                <b>Reply-To: </b>Ayden Férdeline <<a
                                  href="mailto:icann@FERDELINE.COM"
                                  moz-do-not-send="true">icann@FERDELINE.COM</a>><br>
                                <b>Date: </b>Tuesday, 9 July 2019 at
                                14:13<br>
                                <b>To: </b>"<a
                                  href="mailto:NCSG-DISCUSS@LISTSERV.SYR.EDU"
                                  moz-do-not-send="true">NCSG-DISCUSS@LISTSERV.SYR.EDU</a>"
                                <<a
                                  href="mailto:NCSG-DISCUSS@LISTSERV.SYR.EDU"
                                  moz-do-not-send="true">NCSG-DISCUSS@LISTSERV.SYR.EDU</a>><br>
                                <b>Subject: </b>Re: Zoom Structural
                                Vulnerability Discovered<o:p></o:p></span></p>
                          </div>
                          <div>
                            <p class="MsoNormal"><o:p> </o:p></p>
                          </div>
                          <div>
                            <p class="MsoNormal">That is true, but note
                              that this security researcher notified
                              Zoom of the exploit and they were in no
                              rush to repair it. Look at the timeline in
                              the Medium post. They only sought to fix
                              it after the vulnerability drew media
                              attention. <o:p></o:p></p>
                          </div>
                          <div>
                            <p class="MsoNormal"><o:p> </o:p></p>
                          </div>
                          <div>
                            <p class="MsoNormal">Adobe Connect was not
                              perfect but it met our needs and the
                              occasional security issues that arose were
                              promptly fixed by Adobe and never as
                              serious as this one!<o:p></o:p></p>
                          </div>
                          <div>
                            <p class="MsoNormal"><o:p> </o:p></p>
                          </div>
                          <div id="protonmail_mobile_signature_block">
                            <div>
                              <p class="MsoNormal">Best wishes, Ayden<o:p></o:p></p>
                            </div>
                          </div>
                          <div>
                            <p class="MsoNormal"><o:p> </o:p></p>
                          </div>
                          <p class="MsoNormal">On Tue, Jul 9, 2019 at
                            18:07, Adeel Sadiq <<a
                              href="mailto:11beeasadiq@seecs.edu.pk"
                              moz-do-not-send="true">11beeasadiq@seecs.edu.pk</a>>
                            wrote: <o:p></o:p></p>
                          <blockquote
                            style="margin-top:5.0pt;margin-bottom:5.0pt">
                            <div>
                              <p class="MsoNormal">Speaking from a
                                technical perspective, no software is
                                perfect or bug-free. Its only a matter
                                of time a loophole is found and
                                exploited and eventually patched up. If
                                you think Adobe Connect or ezTalks
                                were/are free of these architectural
                                issues, think again! That's the way we
                                technical community do things. <o:p></o:p></p>
                              <div>
                                <p class="MsoNormal"><o:p> </o:p></p>
                              </div>
                              <div>
                                <p class="MsoNormal">Regards<o:p></o:p></p>
                              </div>
                              <div>
                                <p class="MsoNormal"><o:p> </o:p></p>
                              </div>
                              <div>
                                <p class="MsoNormal">Adeel<o:p></o:p></p>
                              </div>
                              <div>
                                <p class="MsoNormal">Pakistan<o:p></o:p></p>
                              </div>
                            </div>
                            <p class="MsoNormal"><o:p> </o:p></p>
                            <div>
                              <div>
                                <p class="MsoNormal">On Wed, Jul 10,
                                  2019 at 1:37 AM Ayden Férdeline <<a
                                    href="mailto:icann@ferdeline.com"
                                    moz-do-not-send="true">icann@ferdeline.com</a>>
                                  wrote:<o:p></o:p></p>
                              </div>
                              <blockquote
                                style="border:none;border-left:solid
                                #CCCCCC 1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
                                <div>
                                  <p class="MsoNormal">Unfortunately,
                                    uninstalling the application does
                                    not rectify the situation, due to
                                    poor architecture (acknowledged by
                                    Zoom on their blog today). They are
                                    working on a fix, now that public
                                    scrutiny demands one. So
                                    disappointing that ICANN has put us
                                    in this terrible situation. <o:p></o:p></p>
                                </div>
                                <div>
                                  <p class="MsoNormal"><o:p> </o:p></p>
                                </div>
                                <div
                                  id="gmail-m_4892314735287444777protonmail_mobile_signature_block">
                                  <div>
                                    <p class="MsoNormal">Ayden<o:p></o:p></p>
                                  </div>
                                </div>
                                <div>
                                  <p class="MsoNormal"><o:p> </o:p></p>
                                </div>
                                <div>
                                  <p class="MsoNormal"><o:p> </o:p></p>
                                </div>
                                <p class="MsoNormal">On Tue, Jul 9, 2019
                                  at 16:15, Vaibhav Aggarwal, Catalyst
                                  & Group CEO <<a
                                    href="mailto:va@BLADEBRAINS.COM"
                                    moz-do-not-send="true">va@BLADEBRAINS.COM</a>>
                                  wrote: <o:p></o:p></p>
                                <blockquote
                                  style="margin-top:5.0pt;margin-bottom:5.0pt">
                                  <p class="MsoNormal">Thanks for this.
                                    Till the next Update, I have removed
                                    the Zoom For Mac Client with
                                    immediate effect.  <o:p></o:p></p>
                                  <div>
                                    <p class="MsoNormal"><o:p> </o:p></p>
                                  </div>
                                  <div>
                                    <p class="MsoNormal">Regards,<o:p></o:p></p>
                                  </div>
                                  <div>
                                    <p class="MsoNormal">Vaibhav
                                      Aggarwal<o:p></o:p></p>
                                  </div>
                                  <div>
                                    <p class="MsoNormal">New Delhi<o:p></o:p></p>
                                  </div>
                                  <div>
                                    <p class="MsoNormal"><a
                                        href="http://VaibhavAggarwal.com"
                                        moz-do-not-send="true">VaibhavAggarwal.com</a> <o:p></o:p></p>
                                  </div>
                                  <div>
                                    <p class="MsoNormal"><o:p> </o:p></p>
                                    <div>
                                      <p class="MsoNormal"
                                        style="margin-bottom:12.0pt"><o:p> </o:p></p>
                                      <blockquote
                                        style="margin-top:5.0pt;margin-bottom:5.0pt">
                                        <div>
                                          <p class="MsoNormal">On Jul
                                            10, 2019, at 12:30 AM,
                                            Michael Karanicolas <<a
                                              href="mailto:mkaranicolas@GMAIL.COM"
                                              moz-do-not-send="true">mkaranicolas@GMAIL.COM</a>>
                                            wrote:<o:p></o:p></p>
                                        </div>
                                        <p class="MsoNormal"><o:p> </o:p></p>
                                        <div>
                                          <div>
                                            <p class="MsoNormal">Hey -
                                              remember when ICANN
                                              switched everyone from
                                              Adobe over to Zoom as a
                                              way of enhancing
                                              information security and
                                              data privacy? <o:p></o:p></p>
                                            <div>
                                              <p class="MsoNormal"><o:p> </o:p></p>
                                            </div>
                                            <div>
                                              <p class="MsoNormal">"A
                                                vulnerability in the Mac
                                                Zoom Client allows any
                                                malicious website to
                                                enable your camera
                                                without your
                                                permission... This
                                                vulnerability allows any
                                                website to forcibly join
                                                a user to a Zoom call,
                                                with their video camera
                                                activated, without the
                                                user's permission. On
                                                top of this, this
                                                vulnerability would have
                                                allowed any webpage to
                                                DOS (Denial of Service)
                                                a Mac by repeatedly
                                                joining a user to an
                                                invalid call.
                                                Additionally, if you’ve
                                                ever installed the Zoom
                                                client and then
                                                uninstalled it, you
                                                still have a localhost
                                                web server on your
                                                machine that will
                                                happily re-install the
                                                Zoom client for you,
                                                without requiring any
                                                user interaction on your
                                                behalf besides visiting
                                                a webpage. This
                                                re-install ‘feature’
                                                continues to work to
                                                this day."<o:p></o:p></p>
                                            </div>
                                            <div>
                                              <p class="MsoNormal"><o:p> </o:p></p>
                                            </div>
                                            <div>
                                              <p class="MsoNormal">Read
                                                more here: <a
href="https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5"
                                                  moz-do-not-send="true">https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5</a><o:p></o:p></p>
                                            </div>
                                          </div>
                                        </div>
                                      </blockquote>
                                    </div>
                                    <p class="MsoNormal"><o:p> </o:p></p>
                                  </div>
                                </blockquote>
                                <div>
                                  <p class="MsoNormal"><o:p> </o:p></p>
                                </div>
                                <div>
                                  <p class="MsoNormal"><o:p> </o:p></p>
                                </div>
                              </blockquote>
                            </div>
                          </blockquote>
                          <div>
                            <p class="MsoNormal"><o:p> </o:p></p>
                          </div>
                          <div>
                            <p class="MsoNormal"><o:p> </o:p></p>
                          </div>
                        </div>
                      </div>
                    </div>
                  </span></blockquote>
              </div>
              <br>
              <fieldset class="mimeAttachmentHeader"></fieldset>
              <pre class="moz-quote-pre" wrap="">_______________________________________________
CPWG mailing list
<a class="moz-txt-link-abbreviated" href="mailto:CPWG@icann.org" moz-do-not-send="true">CPWG@icann.org</a>
<a class="moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/cpwg" moz-do-not-send="true">https://mm.icann.org/mailman/listinfo/cpwg</a>

_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (<a class="moz-txt-link-freetext" href="https://www.icann.org/privacy/policy" moz-do-not-send="true">https://www.icann.org/privacy/policy</a>) and the website Terms of Service (<a class="moz-txt-link-freetext" href="https://www.icann.org/privacy/tos" moz-do-not-send="true">https://www.icann.org/privacy/tos</a>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.</pre>
            </blockquote>
            <br>
            <fieldset class="mimeAttachmentHeader"></fieldset>
            <pre class="moz-quote-pre" wrap="">_______________________________________________
CPWG mailing list
<a class="moz-txt-link-abbreviated" href="mailto:CPWG@icann.org" moz-do-not-send="true">CPWG@icann.org</a>
<a class="moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/cpwg" moz-do-not-send="true">https://mm.icann.org/mailman/listinfo/cpwg</a>

_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (<a class="moz-txt-link-freetext" href="https://www.icann.org/privacy/policy" moz-do-not-send="true">https://www.icann.org/privacy/policy</a>) and the website Terms of Service (<a class="moz-txt-link-freetext" href="https://www.icann.org/privacy/tos" moz-do-not-send="true">https://www.icann.org/privacy/tos</a>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.</pre>
          </blockquote>
        </blockquote>
      </blockquote>
    </blockquote>
  </body>
</html>