Security News > 2020 > July > Unpatched Critical Flaw Disclosed in Zoom Software for Windows 7 or Earlier

Unpatched Critical Flaw Disclosed in Zoom Software for Windows 7 or Earlier
2020-07-10 08:51

A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a victim's computer running Microsoft Windows 7 or older.

The vulnerability has been discovered by a researcher who reported it to Acros Security, who then reported the flaw to the Zoom security team earlier today.

Although the flaw is present in all supported versions of the Zoom client for Windows, it is only exploitable on systems running Windows 7 and older Windows systems due to some specific system characteristics.

Researchers at Acros Security, the creators of 0patch, have developed a micro patch for all versions of Zoom Client for Windows to address the security issue and released them to everyone for free until Zoom Video Communications delivers an official security patch.

The ZOOM saga continues... Just last month, Zoom addressed two critical vulnerabilities in its video conferencing software for Windows, macOS, or Linux computers that could have allowed attackers to hack into the systems of group chat participants or an individual recipient remotely.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/23_RYdbL-sk/zoom-windows-security.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Zoom 54 4 51 80 12 147