Monday, August 3, 22:22
Home security Zoom: Works to correct zero-day vulnerability

Zoom: Works to correct zero-day vulnerability

Zoom zero-day vulnerability

The teleconferencing software Zoom working for her repair of a zero-day vulnerability που was revealed from the company security ACROS Security.

The company said zero-day vulnerability affects him Zoom Windows client, but only when clients are running on old versions Windows OS, such as Windows 7, Windows Server 2008 R2 and older.

Zoom clients in Windows 8 or Windows 10 are not affected, according to ACROS Security CEO Mitja Kolsek.

"The vulnerability allows a remote intruder to execute code on computer of the victim where the Zoom Client for Windows is installed, making the user perform some standard action, such as opening a document ", said Kolsek.

"No security warning is displayed to the user during attack"He added.

Kolsek said ACROS did not discover the vulnerability on its own. She was informed by a security investigator who wanted to keep his identity secret.

ACROS reported zero-day vulnerabilities in Zoom and released an update to Zoom 0patch client to prevent attacks on its own customers until Zoom releases a formal patch. Below you can see one video, which shows how zero-day vulnerability can be exploited and how it is blocked by the 0patch client.

ACROS did not release further technical details vulnerability.

"Zoom takes all reports with potential security errors seriously. This morning we received a report on an issue that affects users using Windows 7 and older versions. "We have confirmed this issue and are currently working on a patch to resolve it quickly."

No information has yet been released on the release date.

In recent months, Zoom had stopped releasing new features to focus on improvements to enhance their security users, as various security issues were revealed in April.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

NetWalker ransomware: Over $ 25 Million in Gang Profits Since March

NetWalker ransomware operators are estimated to have earned over $ 25 million from ransom payments made by their victims ...

Elon Musk: "Obviously the aliens built the pyramids"

On Friday, Elon Musk tweeted: "Apparently the aliens built the pyramids," and garnered more than 500.000 likes.
00:01:54

Microsoft Edge behaves like malware

Microsoft has switched to aggressive marketing tactics trying to get Windows 10 users to adopt the new browser ...

Cyble: warns of 199 data breaches

Carrying out its well-established research on the dark web and deep web, Cyble detected 199 data breaches on various websites and companies ....

Microsoft Cortana bids farewell to Android and iOS

In a statement released on July 31, the company said it would withdraw the Cortana virtual assistant from iOS devices and ...

2gether: Hacking attack on cryptocurrency trading platform

2gether revealed that it was hacked, during which approximately 1,2 million Euros in cryptocurrencies were stolen from investment accounts in cryptocurrencies ....

Google: 11 zero day vulnerabilities were identified in the first half of 2020

According to the Google Project Zero team, 11 zero day vulnerabilities were identified, which were exploited by malicious agents, within the first ...

Linux Kernel 5.8: Released with countless improvements and changes

Recently, Linus Torvalds announced the release of the Linux 5.8 kernel. According to him, the new kernel ...

Moldovan pleaded guilty to creating FastPOS malware!

A 30-year-old man from Moldova pleaded guilty to creating FastPOS malware that infects POS systems worldwide ....

YouTube: Crypto channel closed to encourage illegal activities

YouTube restored the Crypto channel after being offline for more than two days due to "encouragement for illegal activities".