A newly discovered bug in the Zoom video conferencing App for Windows 7 allows remote code execution
The Zoom video conferencing app is in the news again, and not for the better. Researchers have discovered a previously unknown flaw in the videoconferencing software that could allow a hacker to remotely execute code and take over your PC or laptop. The flaw is only exploitable on computers running Microsoft Windows 7 and older versions of Windows. The flaw is as yet unpatched, and Zoom says it is working on a fix.
The newly discovered zero-day in the Zoom Client for Windows could allow remote code execution, according to researchers at 0patch. Zoom has confirmed the flaw. The 0patch researchers said that the vulnerability is present in any currently supported version of Zoom Client for Windows, but added that the flaw was difficult to exploit in the wild.
First, the flaw is only exploitable on Windows 7 and older Windows systems. Second, exploiting the flaw requires user interaction and social engineering skills on the part of the hacker. The 0patch researchers say that Zoom is also vulnerable on Windows Server 2008 R2, but they had not tested it. To exploit the flaw, the potential hacker first has to send a specially crafted payload file, which the victim has to open. However, once the victim opens this file, no security warning is shown at any point during the attack, according to the 0patch researchers.
Mitigation of the Zoom Zero-day flaw
Windows 7 is still the preferred operating system for millions of users, and hence this flaw is critical. Zoom states that it is working on the patch. In the meantime, 0patch has released free micropatches that can help Zoom users mitigate this zero-day.
Proof of Concept video:
0patch has released a video that shows how an exploit can be triggered by clicking the “start video” button in the Zoom Client.