Earlier this week a security researcher shared a remote code execution "0day" vulnerability in Zoom Client for Windows with our team. The vulnerability allows a remote attacker to execute arbitrary code on a victim's computer where Zoom Client for Windows (any currently supported version) is installed, by getting the user to perform some typical action such as opening a document file. No security warning is shown to the user in the course of the attack.
The researcher (who wants to keep their identity private) stated that they did not report the vulnerability to Zoom, either directly or through a broker, but would not object to us reporting it to Zoom.
Analysis
0patch analyzed the issue and determined it to be exploitable only on Windows 7 and older Windows systems. While Microsoft's official support for Windows 7 ended this January, there are still millions of home and corporate users out there prolonging its life with Microsoft's Extended Security Updates or with 0patch.
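Because the post scopes exploitability to Windows 7 and older, the first thing a defender wants is an inventory of hosts that are both in that OS range and have Zoom Client for Windows installed. The following PowerShell is an added example written for this article, not 0patch's or Zoom's code; it assumes Windows PowerShell 2.0 or later (the Windows 7 default, hence Get-WmiObject rather than Get-CimInstance) and assumes Zoom registers an ordinary Uninstall entry whose DisplayName begins with "Zoom". Output values and key paths beyond the standard Uninstall hives are not taken from the post.

```powershell
# Added example: scope exposure to the Zoom Client for Windows issue described above.
# Assumption: Windows PowerShell 2.0+ (Windows 7 ships with 2.0, so Get-WmiObject is used).
# Assumption: Zoom's installer writes a standard Uninstall entry with DisplayName "Zoom*".

function Test-LegacyWindows {
    # Windows 7 reports NT version 6.1; Vista is 6.0; XP/2003 are 5.x.
    # Anything at or below 6.1 is in the range 0patch described as affected.
    $os  = Get-WmiObject -Class Win32_OperatingSystem
    $ver = [Version]$os.Version
    New-Object PSObject -Property @{
        Caption  = $os.Caption
        Version  = $os.Version
        IsLegacy = ($ver -le [Version]'6.1')
    }
}

function Get-ZoomInstalls {
    # Zoom is commonly installed per-user, so look in HKCU as well as both HKLM views.
    # Caveat: HKCU covers only the user running the script; other profiles are not scanned.
    $paths = @(
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $paths -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'Zoom*' } |
        Select-Object DisplayName, DisplayVersion, InstallLocation
}

function Get-ZoomExposure {
    # Combine OS range and Zoom presence into one verdict per host.
    $os   = Test-LegacyWindows
    $zoom = @(Get-ZoomInstalls)
    New-Object PSObject -Property @{
        ComputerName  = $env:COMPUTERNAME
        OS            = $os.Caption
        OSVersion     = $os.Version
        LegacyWindows = $os.IsLegacy
        ZoomInstalled = ($zoom.Count -gt 0)
        ZoomVersions  = ($zoom | ForEach-Object { $_.DisplayVersion }) -join ', '
        # Exposed only when both conditions from the analysis hold.
        AtRisk        = ($os.IsLegacy -and $zoom.Count -gt 0)
    }
}

# Usage: run on each host (or via remoting / a logon script) and collect the objects.
Get-ZoomExposure | Format-List
```

Hosts reporting AtRisk = True are the ones to prioritise for mitigation (upgrading the OS, applying Extended Security Updates or a micropatch, or removing the client until a fix ships). The script deliberately reads only the registry and WMI, so it is safe to run fleet-wide from an endpoint management tool.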
0patch then documented the issue along with several attack scenarios, and reported it to Zoom earlier today together with a working proof of concept and recommendations for fixing. Should a bug bounty be awarded by Zoom, it shall be waived in favor of a charity of the researcher's choice.