Serviceteam IT Security News

The vulnerability exposed Zoom users running Windows 7 or earlier OS versions to remote attacks

The Zoom videoconferencing platform was affected by a zero-day vulnerability that could have allowed attackers to remotely execute commands on affected machines. The flaw impacted devices running the Windows operating system, specifically Windows 7 and earlier.

The company has since addressed the issue and released a patch on Friday, with the release notes of version 5.1.3  (28656.0709) stating that the patch “fixes a security issue affecting users running Windows 7 and older.”

Technical details about are sparse about the vulnerability, which hasn’t been assigned a Common Vulnerabilities and Exposures (CVE) identifier and was first described by ACROS Security on its 0patch blog:

“The vulnerability allows a remote attacker to execute arbitrary code on victim’s computer where Zoom Client for Windows (any currently supported version) is installed by getting the user to perform some typical action such as opening a document file. No security warning is shown to the user in the course of an attack,” said ACROS.

However, the company also noted that the hole was “only exploitable on Windows 7 and older Windows systems”, as well as “likely also exploitable on Windows Server 2008 R2 and earlier”. By contrast, Windows 10 and Windows 8 are not affected.

RELATED READING: Windows 7 end of life: Time to move on

ACROS was tipped off to the flaw by a researcher who wanted to remain anonymous. The company then ran an analysis of the researcher’s claims and tried out a number of attack scenarios before forwarding its findings to Zoom along with a proof of concept and recommendations on how to fix the issue. There is no word of attackers exploiting the bug in the wild.

ACROS also released a quick micropatch last Thursday that removed the vulnerability in the code before Zoom addressed the issue with a patch of their own. The micropatch was made available to everyone for free, with the company releasing a demonstration of how a user could easily trigger the vulnerability.

The COVID-19 pandemic has led many companies to switch to remote work and people to socially distance from one another, with videoconferencing apps swiftly becoming de rigueur for work and social life alike.

In Zoom’s case, the unexpected limelight also helped reveal a slew of security and privacy lapses affecting the platform, ultimately prompting its CEO Eric S. Yuan to announce a 90-day feature freeze to remedy the issues. The self-imposed pause on feature updates elapsed earlier this month.

At any rate, Zoom users would be well advised to apply the latest patch to mitigate the risk of a malicious actor attacking their devices. Should you want to strengthen your videoconferencing security, ESET Chief Security Evangelist Tony Anscombe had some thoughtful advice to share in a pair of recent articles – one general article about videoconferencing with security in mind and the other devoted specifically to getting your Zoom settings right.

Source: HERE

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!