The similar safety vulnerabilities that had been lately reported in Zoom for macOS additionally have an effect on two different common video conferencing software program that beneath the hood, are only a rebranded model of Zoom video conferencing software program.
Security researchers confirmed The Hacker News that RingCentral, utilized by over 350,000 companies, and Zhumu, a Chinese model of Zoom, additionally runs a hidden native internet server on customers’ computer systems, similar to Zoom for macOS.
The controversial native internet server that has been designed to supply an computerized click-to-join characteristic was discovered susceptible to distant command injection assaults by Third-party web sites.
Security researcher Jonathan Leitschuh initially offered a proof-of-concept demonstrating how the susceptible internet server may ultimately permit attackers to activate customers laptop computer’s webcam and microphone remotely.
The flaw was later escalated to distant code execution assault by one other safety researcher, Karan Lyons, who has now printed a brand new video demonstration confirming the identical RCE flaw in RingCentral and Zhumu for macOS customers.
RingCentral has already launched an up to date model (v7.0.151508.0712) of its assembly app for macOS that patches each…