Cybersecurity

Cyber Threat: Zero-day Vulnerability in Zoom for Windows Might be Exploited by Hackers

Zero-day Vulnerability - cfamedia

One of the companies that have enjoyed massive growth, ever since the novel coronavirus became a global phenomenon earlier this year is the video conferencing app, Zoom.

Zoom has enjoyed massive followership, as its services enabled business organisations, families and friends, public and privates instructions, etc., to hold real-time video communication, (conferencing), that can easily accommodate lots of people at a time.

Some few months ago, the company was hit with the allegation of exposing user’s data and making it easier, for hackers to have access to it.

Zoom moved swiftly to correct this loophole and assured its users that its privacy is well protected from hackers.


Also read, Cloudy Black Sunday For Zoom Users As They Were Locked Out


Now, however, a new cyber threat is brewing and it is called, zero-day vulnerability in zoom for Windows, which might just be the perfect leverage, for hackers to execute arbitrary codes on users computers.

This cyber threat could be very dangerous, as it does not give out, nor trigger a security warning and can be easily pulled off, by getting the victim to perform a simple and normal action that entails, only the opening of a received document file.

This zero-day vulnerability was first discovered, by an independent researcher who, also, noticed that the flaw is leveraged if the user is still using Windows 7 and older Windows systems.


Also read, Zoom Gets Oracle On Board To Help Limit Its Security Issues


The independent researcher notified Acros Security. Acros Security, in turn, reported it to Zoom and created a micropatch that will close the security hole, for the main time, until a permanent solution is found by Zoom.

“The flaw is likely, also, exploitable on Windows Server 2008 R2 and earlier, though we didn’t test that; either way, our micropatch will protect you wherever you’re using the Zoom client”, stated Mitja Kolsek, CEO, Acros Security.

“While Microsoft’s official support for Windows 7 has ended this January, there are still millions of home and corporate users out there, prolonging its life with Microsoft’s Extended Security Updates, or with 0patch, he stressed.


Also read, Zoom Update: Security Issues And Meeting IDS Removal From Title Bar Discussed by CEO


Until this loophole is permanently fixed, users on Windows 7, (and other versions of the Windows), are advised to stop using Zoom, for the time being, update Windows to a newer version, (Windows 10 preferable), or Implement the micropatch.


Featured Image: securitynewspaper


Don’t miss important articles during the week. Subscribe to cfamedia weekly digest for updates.