Vulnerability in Zoom video conferencing software [27.05.22]
A security researcher has found a vulnerability in Zoom Desktop Client that can lead to remote code execution without user interaction. Versions smaller than 5.10.0 are affected. To exploit it, an attacker needs to send the victim a special message. This is used to foist and execute an outdated and tamperable installer version of Zoom on the victim. This makes it possible for an attacker to inject and execute arbitrary code. The bug only affects the Windows version of Zoom. It is strongly recommended to update the Zoom Desktop Client.
If you already have the Zoom Desktop Client installed, you can check for updates:
- Log in to the Zoom Desktop Client.
- Click on your profile picture and then on Check for updates.
If there is a newer version, Zoom will download and install it.
If you have any questions, please contact the IT-Service-Desk.
Do you have questions or comments about this site? contact form