Vulnerability in Zoom could allow hackers to focus on devices: Cyber security agency
A vulnerability has been seen in the Zoom video conferencing application for Windows 7 and previous versions that could allow an attacker to remotely execute arbitrary code on the targeted system, a national cyber security agency said on Friday.
The Computer Emergency Response Team of India (CERT-In) said the severity rating of the vulnerability is “high” and advised users to update the software and its security by visiting the Zoom support service website.
“The vulnerability has been reported in the Zoom video conferencing application running on Windows 7 and earlier Windows versions which could allow a remote attacker to execute arbitrary code on the targeted system,” the advisory said.
It said a remote attacker could exploit this vulnerability by enticing an individual to execute a specially crafted file.
“Successful exploitation of this vulnerability could permit the attacker to execute arbitrary code on the mark system,” said the CERT-In, the national technology arm to combat cyber attacks and guard the Indian cyber space.
The popular video conferencing platform had last month released an increased and encrypted version of the application form so as to ensure protection and privacy of personal information.
The application form had seen a mega jump in downloads after home based turn into a norm for numerous office goers and professionals because of the COVID-19 outbreak and the resulting nationwide lockdown.
In April, the Union home ministry had said that the Zoom meeting platform had not been safe and it was not to be utilized for official purposes by government officials.
Such a warning was also issued by the CERT-In and was reiterated by the Cyber Coordination Centre (CyCord) of the house ministry.