Zoom Bug Alert: This Zoom App Vulnerability Allows Hackers to Hijack Your Business Meeting

Quick Fix

Download and try Outbyte MacAries right now to see what it can do for your Mac.

Developed for macOS

Special offer. See more information about Outbyte and uninstall instructions. Please review EULA and Privacy Policy.

Reading time: 3 Minutes

Video conferencing for work is almost always uneventful, where one party presents, many tune in and listen (or laugh at the smallest things), and some cause sound dropouts on their end. But there’s a different kind of excitement that you don’t want happening to you during these online business meetings: a Zoom bug taking over.

Imagine this scenario: an unauthorized individual gains control of your screen during a Zoom meeting, potentially misusing it to send unwarranted messages to the other attendees. This was a recent issue for Zoom with a new vulnerability in its desktop app for its video chat service.

On a positive note, Zoom has already addressed this significant vulnerability in its video conferencing software.

Zoom Bug: The Nasty Details

Cybersecurity researcher David Wells of Tenable made the discovery in Zoom’s desktop app, describing it as something that let an attacker take control of an unsuspecting user’s screen and send chat messages on his or her behalf. The attack also kicked people out of the videocon!

Pro Tip: Scan your Mac for performance issues, junk files, harmful apps, and security threats
that can cause system issues or slow performance.

Free Scan for Mac Issues
macOS compatible

Special offer. About Outbyte, uninstall instructions, EULA, Privacy Policy.

The issue involved UDP packets, a familiar hack for Internet of Things (IoT) devices. With this Zoom bug, any command the Windows, Mac, and Linux apps intercepted were deemed verbatim. This meant that a malicious actor could exploit this vulnerability to execute arbitrary actions, from joining a private call to ejecting other participants.

“This allows an attacker to craft and send UPD pockets which get interpreted as messages processed from the trusted TCP channel used by authorized Zoom servers,” explained the Tenable blog.

The identified vulnerability in the Zoom app essentially enabled an unauthorized user to:

  • Hijack screen controls, which bypasses permissions and lets the attacker send keystrokes and mouse movements in order to take full control of the desktop.
  • Spoof chat messages, which impersonates legitimate users on the call.
  • Kick attendees off the call even without meeting the host.

As described in the post, the flaw surfaced due to improper message validation. To exploit this vulnerability, an attacker would merely need to know the IP address of the Zoom server.

The Zoom Client for Meetings Message Spoofing Vulnerability had the official code CVE-2018-15715. It affected the following versions:

  • Windows 10/11, Zoom 4.1.33259.0925
  • macOS 10.13, Zoom 4.1.33259.0925
  • Ubuntu 14.04, Zoom 2.4.129780.0915

Zoom’s Swift Action

Zoom Presence


Zoom, which has some 750,000 companies using its services, acted immediately after Wells reported the bug. It patched its server in order to protect users from any potential attack.

In addition, it released updates to its Windows, Mac, and Linux apps to further fix the issue. Its latest app versions are 4.1.34814.1119 for Windows and 4.1.34801.1116 for Mac OS. Users, though, will have to manually update theirs for protection from being hijacked in the middle of a call.

Zoom commits to keeping your information safe through encryption whenever you sign in through its site, software, or app. Here are some supplementary suggestions to enhance your security while using Zoom:

  1. Never store your passwords in plain text, which opens up opportunities for malware to gain access to your files.
  2. When discussing sensitive topics during the meeting, use a room password to lock out undesired “surprise” participants. This layer of protection is particularly useful for permanent meeting rooms that former employers may know about.
  3. Keep the “Join before host” notification or disable “Join before host” if you prefer that no one gets in the meeting room without you in there first.
  4. Store Zoom recordings properly. Beware that if you’re storing them on the cloud, someone could break into the service and have access to the recordings. So instead of depending on a third-party storage provider, it might be better to encrypt the files yourself on your system and store them in your most preferred way.
  5. Keep your computer clean and optimized for top performance. Utilizing a reputable system optimization tool can help maintain your Windows system, clean out unnecessary files, and address significant speed and stability issues.

Final Notes

The recently discovered and divulged Zoom app vulnerability put business meetings at risk by disrupting conferences and hijacking screen controls, spoofing chat messages, and kicking attended out of the call.

Zoom swiftly addressed the problem by patching its server and releasing updates to its Windows, Mac, and Linux apps.

Were you affected by this recent Zoom bug? Tell us about your experience!

Give us some love and rate our post!
[Total: 0 Average: 0]
Spread the love
Notify of
1 Comment
Newest Most Voted
Inline Feedbacks
View all comments
Featured Stories
How to Update UEFI BIOS in Windows: A Step-By-Step Guide

Reading time: 2 MinutesUpdating your BIOS can be beneficial but isn’t always required. This delicate…

Spread the love
Mouse Cursor Disappears on Windows 10: 13 Solutions

Reading time: 4 MinutesWhen your mouse disappears on Windows 10, it can significantly disrupt your…

Spread the love
Snipping Tool Not Working on Windows 11: Solutions

Reading time: 7 MinutesAfter the Windows 11 update, a range of challenges and issues have…

Spread the love
Windows 11 Mouse Click Not Working: Causes and Fixes

Reading time: 5 MinutesThe issue of the left mouse click not working is not exclusive…

Spread the love
Windows 11’s Wi-Fi Adapter Disappeared: Quick Fixes

Reading time: 3 MinutesWindows 11, the latest iteration of Microsoft’s widely used operating system, has…

Spread the love
How to Fix OneDrive error 0x80071129

Reading time: 8 MinutesOneDrive is a helpful feature in Windows; you can easily access your…

Spread the love
PC Repair
How to Fix Error Code 0xA00F429F on Windows 10/11

Reading time: 8 MinutesWindows 10 and 11 come with pre-installed UWP apps that are essential…

Spread the love
Error Copying File or Folder: The Requested Value Cannot Be Determined

Reading time: 8 MinutesIf you encounter the Windows 10/11 error message “The requested value cannot…

Spread the love
What to Do When a Deleted User Still Appears on the Windows 10/11 Login Screen?

Reading time: 8 MinutesWindows 10/11 allows you to create multiple user accounts – useful for…

Spread the love