Slovenian security company ACROS Security has disclosed a vulnerability in the Zoom conferencing software that could allow an attacker to remotely execute code on a computer running the affected Zoom for Windows client. The problem only affects users of older Microsoft operating systems, such as Windows 7, Windows Server 2008 R2 and earlier. Users of Windows 8 and Windows 10 have nothing to worry about.
As explained by ACROS Security head Mitja Kolsek, an attacker could remotely execute code on a system running the default Zoom for Windows client by getting the victim to perform certain actions (e.g. opening a document file). During exploitation, no notification or alert is displayed.
The vulnerability was discovered by a security researcher who asked to remain anonymous. The researcher reported the problem to ACROS Security, which in turn notified Zoom. ACROS Security has also updated its 0patch client, adding a micropatch that closes the vulnerability in four different parts of the code in older versions of Windows.
“Our micropatches have already been released and sent to all online 0patch Agents. Zoom users with 0patch installed are no longer affected by the vulnerability,” said Kolsek.
Here is a video showing exploitation of the vulnerability and the micropatch in action.
Zoom is already working on a fix, but its release date is still unknown. ACROS Security has not published any technical details about the vulnerability. It is also unclear whether it is being exploited in real attacks.