Security News > 2021 > March > New Zoom Screen-Sharing Bug Lets Other Users Access Restricted Apps
A newly discovered glitch in Zoom's screen sharing feature can accidentally leak sensitive information to other attendees in a call, according to the latest findings.
It's worth pointing out that the screen sharing functionality in Zoom lets users share an entire desktop or phone screen, or limit sharing to one or more specific applications, or a portion of a screen.
The issue stems from the fact that a second application that's overlayed on top of an already shared application can reveal its contents for a short period of time.
"When a Zoom user shares a specific application window via the 'share screen' functionality, other meeting participants can briefly see contents of other application windows which were not explicitly shared," SySS researchers Michael Strametz and Matthias Deeg noted.
"The contents of not shared application windows can be seen for a short period of time by other users when those windows overlay the shared application window and get into focus."
This could have serious consequences depending on the nature of the inadvertently shared data, the researchers warned, adding a malicious participant of a Zoom meeting can take advantage of the weakness by making use of a screen capture tool to record the meeting and playback the recording to view the private information.