Zoom New York Attorney General Agreement

Sasas Photography / Shutterstock.com (Licensed)

Zoom vulnerability found for older versions of Windows (updated)

Zoom says it is working on a patch.

Jul 10, 2020, 11:04 am*

Tech

Andrew Wyrich 

Andrew Wyrich

Update 11:03am CT: In an email to the Daily Dot, Zoom said it had fixed the patch

Advertisement Hide

“Zoom addressed this issue, which impacts users running Windows 7 and older, in the 5.1.3 client release on July 10. Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates.”

Advertisement Hide

The original story appears below.

A vulnerability in the popular videoconferencing app Zoom has been discovered in computers running older versions of the Windows operating system.

The “zero-day”—or a previously unknown vulnerability—flaw was flagged by cybersecurity firm ACROS Security on Thursday.

Advertisement Hide

In a blog post, ACROS Security wrote that they were made aware of the vulnerability by a researcher who wished to remain anonymous.

The vulnerability affects computers running Windows 7 or an earlier version of the operating system. It does not affect Windows 8 or 10, ACROS wrote.

The flaw allows for a hacker to “execute arbitrary code on victim’s computer where Zoom Client for Windows (any currently supported version) is installed by getting the user to perform some typical action such as opening a document file,” Mitja Kolsek, of AROS Security wrote in the blog post.

Advertisement Hide

Kolsek added: “No security warning is shown to the user in the course of attack.”

ACROS Security demonstrated how it would work in a video. As an example used by the firm, a user could simply click on the “start video” button to trigger the vulnerability.

Zoom has said it is working to issue a patch for the vulnerability.

Advertisement Hide

“Zoom takes all reports of potential security vulnerabilities seriously,” a Zoom spokesperson told the Daily Dot. “Yesterday morning we received a report of an issue impacting users running Windows 7 and older. We have confirmed this issue and are currently working on a patch to quickly resolve it.”

While Microsoft stopped supporting Windows 7 earlier this year, the operating system is still widely used.

As of earlier this year, Netmarketshare, which tracks usage shares of operating systems, browsers, and more, found that 26 percent of all PCs were running Windows 7.

Advertisement Hide

READ MORE:

Share this article
*First Published: Jul 10, 2020, 10:59 am