Through an official communication the team of Zoom confirmed that he had solved one critical vulnerability of your app.
These exploits apparently could allow hackers to steal sensitive data of users and even potentially of intrude into any meetings.
The fixed vulnerabilities were identified by researchers at AppOmni which, by immediately notifying Zoom, allowed the creation of a corrective patch in a short time.
Specifically, the security flaws affected the system Zoom Rooms. This allows team members to collaborate despite being remote. A user among those involved, in this context, installs some sort of specific app on the device acting as terminal for the rest of the colleagues.
Zoom Rooms: All it took was knowing a room’s email to intrude on a meeting
When a session is created with Zoom Rooms, the platform assigns a name that includes theaccount Zoom of whoever starts the room and the related email. The problem arose when, creating a free email account on Outlookit was easy for outsiders to intrude on meetings.
Simply put, until recently, the only prerequisite for intruding into a meeting was to know theemail address tied to the room which, considering the amount of emails stolen every day, is not a big challenge for any type of hacker.
What happened with Zoom Rooms is just one of the latest “misadventures” of the platform. Despite the introduction of the crittografia end-to-endIn fact, this tool remains a favorite for cybercriminals to carry out illegal acts. The video conferencing app, also due to a boom in popularity, particularly during the pandemic period.
Furthermore, just at the beginning of this year, Zoom was the protagonist of a malware campaign that made extensive use of the technique known as SEO poisoning.