Security News > 2020 > January > Zoom Fixes Flaw That Could Allow Strangers Into Meetings
Zoom Video Communications has fixed a vulnerability that - under certain conditions - could have allowed an uninvited third party to guess a Zoom meeting ID and join a conference call.
The flaw was due, in part, to an attacker potentially being able to guess a valid Zoom meeting ID, according to Alexander Chailytko, a research and innovation manager at Check Point, who notes that all Zoom meeting IDs have nine to 11 digits.
First, Zoom now makes meetings password-protected by default, Check Point writes.
According to guidance issued by Zoom it appears that Zoom administrators can permanently disable that default.
Earlier last year, security researcher Jonathan Leitschuh found a bug that could be used to suddenly launch Zoom's client and force someone to join a conference call - and, depending on how Zoom was configured, add them with their video camera enabled.
News URL
https://www.inforisktoday.com/zoom-fixes-flaw-that-could-allow-strangers-into-meetings-a-13665