New Flaw in the Zoom Client

by Chris Bonatti, President of IECA and Made Safe in Wyoming Member, forward by Laura Baker, Executive Director for CyberWyoming

FORWARD: This is just one example of why you want to be ‘in the know’ about cybersecurity. Join us at Wyoming’s Cybersecurity Conference on October 5-7, virtual, mornings.
Registration link at www.cyberwyoming.org/conference/

Zoom fixed a new Remote Code Execution (RCE) flaw that was affecting their native client on Windows 7 and earlier systems. Zoom took only one day to issue a new version that fixes this vulnerability. In June, Zoom
similarly patched two critical flaws that Cisco’s Talos group identified in their client.

Zoom has been working overtime to increase their security as a result of their skyrocketing use during COVID-19, and reported instances of “Zoombombing”. While Zoom is far from being declared secure, we think most of the criticism thus far has been unjustified. Zoombombing is generally the result of meeting organizers failing to use the security tools that Zoom already puts at their disposal. RCE flaws in the Zoom application are indeed serious, but we see this sort of thing in many applications. It’s just critical that you always ensure that your Zoom client is up to date, or that you interact with Zoom via your browser.

To register for IECA’s newsletter, visit their website at www.ieca.com.

Share:

Register to Receive the Tech Joke of the Week!

This Week's Joke:

How many programmers does it take to change a light bulb?

None, it is a hardware problem!

More Posts: