Windows users who have Zoom Client have been warned that a security flaw in the service has been identified which makes them vulnerable to remote attacks. Zoom has patched the bug in its latest update, so users need to update their client as soon as possible.
Security company 0patch found the flaw in the Zoom system after a security researcher found a remote code execution “0day” vulnerability and reported it to them.
“The vulnerability allows a remote attacker to execute arbitrary code on victim’s computer where Zoom Client for Windows (any currently supported version) is installed by getting the user to perform some typical action such as opening a document file. No security warning is shown to the user in the course of attack,” said the company.
0patch found that the issue was only apparent for Windows 7 and Windows systems. They reported the problem to Zoom and created a micropatch themselves.
The reason it is these older version of Windows that are vulnerable is because Microsoft stopped support for their older versions, resulting in a loss of security support as well.
For those concerned and still operating on Windows 7, Zoom has now fixed this bug in it’s latest update so getting protected just requires updating your Zoom Client.