A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a victim’s computer running Microsoft Windows 7 or older.
By the way, if someone is still using Windows 7, they deserve to get hacked, including many organizations without extended support, because it’s only a matter of time before they’ll be a victim of another attack targeting another zero-day vulnerability.
Let’s not get into that for now because it will be more of a story about awareness and laziness. Let’s talk about the latest flaw affecting Zoom video conferencing software.
How Does Zoom Vulnerability Work?
To successfully exploit the zoom vulnerability, all an attacker needs to do is tricking a Zoom user into performing some typical action like opening a received document file. No security warning is triggered or shown to the user at the time of the attack.
The vulnerability has been discovered by a researcher who reported it to Acros Security, who then reported the flaw to the Zoom security team earlier today. The researcher wishes to remain anonymous.
Although the flaw is present in all supported versions of the Zoom…