1 min read

Zero-Day Vulnerability in Zoom Affected Windows 7 Users

Silviu STAHIE

July 13, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Zero-Day Vulnerability in Zoom Affected Windows 7 Users

A zero-day vulnerability affecting the Zoom client for Windows has been discovered that would allow an attacker to execute arbitrary code on remote devices. Only Windows 7 and older OSes were affected, further complicating the situation.

Zoom vulnerabilities pop up constantly, but that”s also likely due in part to the app’s sudden popularity. The COVID-19 pandemic pushed the Zoom app to the forefront, mostly because of permissive default features that allowed people to use it without a premium account.

With so many users actively engaging in videoconferences, it was just a matter of time before Zoom become an active target for hackers and security researchers. Out of all possible problems, zero-day vulnerabilities are the most troublesome.

In this case, it was a vulnerability available only in Windows 7 and older products. Even if these products are no longer supported, it doesn’t mean that they”re not used. In fact, Windows 7 still has a market share of around 5%. Given the large number of PCs out there, that leaves a lot of vulnerable devices.

“The vulnerability allows a remote attacker to execute arbitrary code on victim’s computer where Zoom Client for Windows (any currently supported version) is installed by getting the user to perform some typical action such as opening a document file. No security warning is shown to the user in the course of attack,” said the researchers from 0patch who disclosed the exploit.

For unknown reasons, the researcher who found the problem didn’t want to report the vulnerability to Zoom and left this job to 0patch. Following disclosure, Zoom issued a patch that covered the Windows 7 version.

Unfortunately, it’s only a matter of time before other security issues are found with Windows 7 and its interactions with other software. Since Microsoft no longer supports the OS, the problems will only go away when people stop using that operating system.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Chinese criminals scam kids desperate to play games for more than three hours a week Chinese criminals scam kids desperate to play games for more than three hours a week
Graham CLULEY

August 12, 2022

2 min read
Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach
Silviu STAHIE

August 09, 2022

1 min read
Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down
Silviu STAHIE

August 05, 2022

1 min read