1 min read

Zoom Zero-Day Windows Vulnerability Selling for $500,000

Silviu STAHIE

April 16, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Zoom Zero-Day Windows Vulnerability Selling for $500,000

A couple of zero-day Zoom vulnerabilities are reportedly for sale online, including one for Windows and one for macOS, with the asking price for the Windows one topping $500,000, according to a Motherboard report.

Zero-day vulnerabilities are the most significant threats to any piece of software or hardware. It”s called zero-day because the vulnerability is not known to the developers that made the affected software. Sometimes, the vulnerability is fixed without falling into the hands of hackers or other bad actors, but that”s not always the case.

The value of a zero-day vulnerability is directly proportional to the popularity of the software affected, and there”s no doubt that Zoom”s recently found fame ensures that any zero-day aimed at the platform is really valuable.

The Motherboard report claims that a couple of zero-day vulnerabilities are available for both Windows and macOS Zoom clients, which in theory would allow attackers to join meetings and record everything. The vulnerability for the Zoom Windows app is reportedly available for $500,000.

There isn”t much information on the vulnerabilities, just that the one for Windows is a Remote Code Execution exploit, which is a rather common attack. The macOS zero-day is different, but that”s pretty much everything that”s known about it.

There is a bit of good news as well. Usually, when such exploits are deployed, they are quickly discovered and patched.

So far, Zoom says that they are not aware of any such vulnerabilities in their software.

“Since learning of these rumors, we have been working around the clock with a reputable, industry-leading security firm to investigate them,” said Zoom. “To date, we have not found any evidence substantiating these claims.”

Zoom is in hot water after multiple security issues were discovered in the past few weeks. The company has been frantically trying to plug the holes, and many governments around the world are now recommending against the use of the app in official settings.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials
Silviu STAHIE

November 26, 2021

1 min read
Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group
Filip TRUȚĂ

November 26, 2021

1 min read
Couple arrested for secretly installing cryptomining software on department store PCs Couple arrested for secretly installing cryptomining software on department store PCs
Graham CLULEY

November 26, 2021

1 min read