Earlier this week a security researcher shared a remote code execution "0day" vulnerability in Zoom Client for Windows with our team. The vulnerability allows a remote attacker to execute arbitrary code on a victim's computer where Zoom Client for Windows (any currently supported version) is installed by getting the user to perform some typical action, such as opening a document file. No security warning is shown to the user in the course of the attack.
The researcher (who wants to keep their identity private) stated that they did not report the vulnerability to Zoom either directly or through a broker, but would not object to us reporting it to Zoom.
Analysis
0patch analyzed the issue and determined it to be only exploitable on Windows 7 and older Windows systems. While Microsoft's official support for Windows 7 has ended this January, there are still millions of home and corporate users out there prolonging its life with Microsoft's Extended Security Updates or with 0patch.
0patch then documented the issue along with several attack scenarios and reported it to Zoom earlier today, together with a working proof of concept and recommendations for fixing it. Should a bug bounty be awarded by Zoom, it shall be waived in favor of a charity of the researcher's choice.