Earlier this week a security researcher shared a remote code execution “0day” vulnerability in Zoom Client for Windows with our team. The vulnerability allows a remote attacker to execute arbitrary code on victim’s computer where Zoom Client for Windows (any currently supported version) is installed by getting the user to perform some typical action such as opening a document file. No security warning is shown to the user in the course of attack.

Exploiting the vulnerability requires some type of action on the part of the victim, such as downloading and opening a malicious attachment, however, no security alerts will be triggered during the exploitation.

The researcher who discovered the vulnerability continued with the 0patch team to detect it, instead of reporting it directly to them, and the researchers at 0patch released a mini-patch for free so that the platform could launch its correction.

Although there is a bug in all supported versions of the Zoom application for the Windows operating system, it is only exploitable on systems running Windows 7 and earlier due to some specific system features.

While Microsoft ended official support for the Windows 7 operating system last January and encouraged users to switch to safer versions of the operating system, Windows 7 is still widely used by users and organizations in general.

0patch researchers said in a post: We offer this mini patch to everyone for free. Until Zoom solves the problem, or decides not to fix it, and in order to reduce exploitation risks for systems that do not contain the patch, we do not release details about this vulnerability until Zoom fixes it, or decides not to fix it, or Until these details are generally known. ”

While the 0patch team declined to reveal the full details of the remote code execution error, they posted a video to demonstrate the concept that vaguely explains exploitation.

Zoom released a patch in the latest version 5.1.3 for Windows users as of July 10, and release notes confirm that the update fixes a serious security vulnerability that affects users using the Windows 7 operating system and earlier versions.

Given the prevalence of coronavirus, the use of video conferencing software (Zoom) has increased dramatically during the past few months, as companies use it alongside millions of users around the world to continue education, business and social networking.

Related Articles
Leave a Reply

Your email address will not be published. Required fields are marked *