Zoom has introduced revisions to its Terms of Service that have sparked significant controversy over user privacy.

It appears that Zoom may begin using calls between millions of users around the world to train AI products. The updated terms contain two standout sections, 10.2 and 10.4, which hold considerable implications for the extent to which Zoom can leverage user data. These segments specify Zoom’s entitlements to gather and utilise “Service Generated Data,” encompassing telemetry data, product usage information, diagnostic data, and analogous content collected in conjunction with users’ use of Zoom’s services or software.

Explicitly specified in Zoom’s revised policy is its exclusive ownership over Service Generated Data. This dominion extends to the company’s prerogatives to alter, disseminate, process, exchange, retain, and warehouse said data “for any purpose, within the limits and parameters stipulated by applicable law.”

“…You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content, including AI and ML training and testing.”

Of particular concern is the overt declaration of the company’s right to employ this data for the training and enhancement of machine learning and artificial intelligence systems, with the inclusion of algorithm and model refinement. This particular clause raises the question of a lack of opt-out alternatives, something that is bound to fuel intense debate about user-generated consent and individual privacy.

Zoom justifies these measures as indispensable for delivering services to patrons, supporting the services, and enhancing its range of offerings including software and other products. Nevertheless, the implications inherent in these clauses are all-encompassing, particularly as they seemingly permit Zoom to harness customer data for any purpose associated with the activities or processes detailed in section 10.3.

Remarkably, Zoom has not issued any comments regarding these amendments yet. While Zoom’s motivations may center on elevating their platform and providing an improved experience, the extent and profundity of these adjustments are likely to cause disquiet among numerous users, particularly security and privacy advocates, thereby prompting inquiries into how their data is being leveraged.

For more software expertise and support, please contact our team today

Adobe is warning customers of a critical zero-day bug that is active in the wild affecting its Adobe Acrobat PDF reader software.

The bug, tracked as CVE-2021-28550, affects eight versions of Adobe software (full list below) and exploits vulnerabilities in the software including arbitrary code execution, memory leaks and exposure of private information.

10 critical and four important vulnerabilities were addressed in Adobe Reader and Acrobat in addition to five critical flaws in Adobe Illustrator that were resolved by Tuesday’s security patch release. The technical specific details of the bug were not available to Adobe software users until after the 43 patch fixes were downloaded which meant that before manual user installation, the zero-day bug allowed for hackers to execute virtually any command on targeted systems.

Users can download these new security fixes by initiating the auto update feature of Acrobat and Reader by going to Help –> Check for Updates and installing via the Adobe Download Centre. This will remove the user intervention necessity to manually install security updates and allows Adobe products to update automatically upon detection of patch releases.

List of affected Adobe software versions:

– Acrobat DC, 2021.001.20150  and earlier versions - Windows

– Acrobat Reader DC, 2021.001.20150  and earlier versions – Windows

– Acrobat DC, 2021.001.20149  and earlier versions - macOS

– Acrobat Reader DC, 2021.001.20149  and earlier versions – macOS

– Acrobat 2020, 2020.001.30020 and earlier versions – Windows & macOS

– Acrobat Reader 2020, 2020.001.30020 and earlier versions – Windows & macOS

– Acrobat 2017, 2017.011.30194  and earlier versions – Windows & macOS

– Acrobat Reader 2017, 2017.011.30194  and earlier versions – Windows & macOS

Windows 10.1 updates security

With ‘Windows 10.1’ now barely a month old, and the Microsoft operating system already running on over 12 million business PCs, how fares Microsoft’s free updates strategy?

Windows 10.1 update was released with relatively little fanfare (be honest, you didn’t notice) adds features that, understandably with hindsight, might have been a distraction at the main Windows 10 release back in July.

Packaged within were mainly performance and security upgrades – Windows 10.1 will now boot almost 30% faster than an old Windows 7 system on the same device, the Cortana virtual assistant has some new handwriting recognition skills and there are new enterprise tools for mobile devices. Microsoft Edge runs smoother too, offering previews of tabs before viewing and syncing favourites across devices.

Most importantly, after recent corporate data breaches in the news, Microsoft have added a range of new security safeguards. These including ‘Windows Hello’, supporting enterprise grade biometrics including fingerprint and facial recognition – sadly currently only available for US users.

Aside from controversy surrounding user privacy then (if you didn’t notice your Windows 10.1 update, that’s maybe because Microsoft installed it automatically on your device without asking you) the first free update went ahead with relevant additions and limited fuss.

Starting free updates officially moves Microsoft into line with Apple’s OS X business model that has become the industry standard. Yet limited promotion of Windows 10’s ongoing development risks downplaying Microsoft’s progress.

Which would be unfair, because Microsoft is plainly taking extra care to develop the business security of their product range, including the excellent Office365, Microsoft Azure and now Windows 10.1. Microsoft is clearly listening to business’ fears, and businesses should welcome it.

For help and support with Microsoft enterprise IT, contact Lineal today.