Slovenian firm reveals Zoom flaw for Windows Pcs

Zoom hit by a Zero-day flaw that makes Windows 7 PCs vulnerable, this is after it underwent a complete security overhaul.



PUBLISHED BY
Anna Domanska



TAGS:


7 months ago




A Slovenian firm Arcos Security says Zoom is vulnerable in Windows 7 machines. The flaw is termed as zero-day impact.

The security firm says Zoom can be exploited to hack into computers running Windows 7. It allows remote code execution and installation of malware into a victim’s computer. Arcos Security was tipped off of the packability by an unnamed security researcher.

Arcos Security is not elaborating on what the flaw is for fear of it being used by other hackers. From bare facts, it seems the vulnerability initiates a Zoom video call and then tricks the computer owner into performing certain tasks such as opening any file and then the bug is planted without the knowledge of the computer owner running the Windows 7 software. Zoom clients running on Windows 8 or Windows 10 are not affected.

Zoom Arcos security flaw

Zoom hit by a Zero-day flaw that makes Windows 7 PCs vulnerable, this is after it underwent a complete security overhaul.

We did not disclose vulnerability details that would allow attackers to exploit it—we only disclosed its presence and our micropatch,” Arcos Security CEO Mitja Kolsek told PCMag in an email. “Per our long-standing policy, we wouldn’t even publish details after 90 days if these details allowed attackers to attack users.

We analyzed the issue and determined it to be only exploitable on Windows 7 and older Windows systems. While Microsoft’s official support for Windows 7 has ended this January, there are still millions of home and corporate users out there prolonging its life,” Arcos Security wrote in a blog post.

Arcos Security has come up with a solution to the malware. It has a micropach than can be downloaded, but first you need to install the company’s 0ptach software. Kelsey emphasized that the bug in the Windows operating software was not common knowledge and no known cases of malware installation were yet revealed.

Zoom has been informed of the vulnerability. Zoom acknowledged it and said, “We have confirmed this issue and are currently working on a patch to quickly resolve it,” the video conferencing provider said.

Arcos seems to have preempted Zoom’s patch release efforts with its own solution. Arcos said it went public for the benefit of the public and not to exploit it for its own advantage.

We did not disclose vulnerability details that would allow attackers to exploit it—we only disclosed its presence and our micropatch,” Arcos Security CEO Mitja Kolsek told PCMag in an email. “Per our long-standing policy, we wouldn’t even publish details after 90 days if these details allowed attackers to attack users.

Zoom has become the most popular app among stay-at-home workers during the Coronavirus pandemic to stay connected to the office. In the initial days, the app was hit with complaints of bugs and hackers getting into meetings and disrupting them.

After the discovery and disclosure of several security issues in April, the company stopped all-new feature additions and focused on security and privacy-related improvements and bug fixes.

Zoom very recently said that it had completed a complete overhaul of its security features. They even hired a special security firm Luta to help them clean up the systems. In June, Zoom hired a new chief information officer, Jason Lee, who was earlier with Salesforce.

Eric Yuan started Zoom in 2013, and it quickly took off and had acquired a million users in just two years of being launched. By January 2017, Zoom was a unicorn, reaching a valuation of $1 billion. It got an investment of $100 million from Sequoia Capital. The company went public in 2019 at a valuation of $16 billion. During the pandemic, the usage of Zoom went up to 300 million users in April.

But the company has been constantly bugged by some malfunctions and malware threats since usage went up.

Avatar
Anna Domanska
Anna Domanska is an Industry Leaders Magazine author possessing wide-range of knowledge for Business News. She is an avid reader and writer of Business and CEO Magazines and a rigorous follower of Business Leaders.

Recent Posts

Panasonic enters a $22 billion vaccine storage race with ultracold carrier

Panasonic enters a $22 billion vaccine storage race with ultracold carrier

Panasonic received several requests from European and American logistics companies to cure test ultra-cold freezer box. This freezer contain...
18 hours ago
Orange Telecom to sell 50 % fiber assets for $1.58 million

Orange Telecom to sell 50 % fiber assets for $1.58 million

Orange, the French multinational telecommunications corporation, has agreed to sell part of its fixed fiber assets to a consortium of three ...
18 hours ago
Books Bill Gates Wants You to Read This Year

Books Bill Gates Wants You to Read This Year

Have you been waiting for the most-anticipated roundups of the year – books Bill Gates recommends? Well, here it is. ...
19 hours ago
Amazon to host pop-up vaccination clinic in Seattle HQ

Amazon to host pop-up vaccination clinic in Seattle HQ

Amazon Inc. plans to set up a pop-up clinic at its Seattle headquarters on January 24 to help vaccinate 2,000 eligible members of the publi...
2 days ago
Morgan Stanley raises CEO James Gorman’s pay to $33 million

Morgan Stanley raises CEO James Gorman’s pay to $33 million

James Gorman’s salary ($33 million) is comprised of four parts: a base salary of $1.5 million; a deferred equity award of $7.875 million; ...
3 days ago
IBM Q4 Profit Up, Banks on Cloud and AI For 2021

IBM Q4 Profit Up, Banks on Cloud and AI For 2021

IBM’s revenue is expected to rise in 2021 and generate adjusted free cash flow of $11 billion to $12 billion for the year. ...
4 days ago