Video conferencing for work is almost always uneventful, where one party presents, many tune in and listen (or laugh at the smallest things), and some cause sound dropouts on their end. But there’s a different kind of excitement that you don’t want happening to you during these online business meetings: a Zoom bug taking over.
Imagine this scenario: an unauthorized individual gains control of your screen during a Zoom meeting, potentially misusing it to send unwarranted messages to the other attendees. This was a recent issue for Zoom with a new vulnerability in its desktop app for its video chat service.
On a positive note, Zoom has already addressed this significant vulnerability in its video conferencing software.
Zoom Bug: The Nasty Details
Cybersecurity researcher David Wells of Tenable made the discovery in Zoom’s desktop app, describing it as something that let an attacker take control of an unsuspecting user’s screen and send chat messages on his or her behalf. The attack also kicked people out of the videocon!
Pro Tip: Scan your Mac for performance issues, junk files, harmful apps, and security threats
that can cause system issues or slow performance.
The issue involved UDP packets, a familiar hack for Internet of Things (IoT) devices. With this Zoom bug, any command the Windows, Mac, and Linux apps intercepted were deemed verbatim. This meant that a malicious actor could exploit this vulnerability to execute arbitrary actions, from joining a private call to ejecting other participants.
“This allows an attacker to craft and send UPD pockets which get interpreted as messages processed from the trusted TCP channel used by authorized Zoom servers,” explained the Tenable blog.
The identified vulnerability in the Zoom app essentially enabled an unauthorized user to:
- Hijack screen controls, which bypasses permissions and lets the attacker send keystrokes and mouse movements in order to take full control of the desktop.
- Spoof chat messages, which impersonates legitimate users on the call.
- Kick attendees off the call even without meeting the host.
As described in the post, the flaw surfaced due to improper message validation. To exploit this vulnerability, an attacker would merely need to know the IP address of the Zoom server.
The Zoom Client for Meetings Message Spoofing Vulnerability had the official code CVE-2018-15715. It affected the following versions:
- Windows 10/11, Zoom 4.1.33259.0925
- macOS 10.13, Zoom 4.1.33259.0925
- Ubuntu 14.04, Zoom 2.4.129780.0915
Zoom’s Swift Action
Zoom, which has some 750,000 companies using its services, acted immediately after Wells reported the bug. It patched its server in order to protect users from any potential attack.
In addition, it released updates to its Windows, Mac, and Linux apps to further fix the issue. Its latest app versions are 4.1.34814.1119 for Windows and 4.1.34801.1116 for Mac OS. Users, though, will have to manually update theirs for protection from being hijacked in the middle of a call.
Zoom commits to keeping your information safe through encryption whenever you sign in through its site, software, or app. Here are some supplementary suggestions to enhance your security while using Zoom:
- Never store your passwords in plain text, which opens up opportunities for malware to gain access to your files.
- When discussing sensitive topics during the meeting, use a room password to lock out undesired “surprise” participants. This layer of protection is particularly useful for permanent meeting rooms that former employers may know about.
- Keep the “Join before host” notification or disable “Join before host” if you prefer that no one gets in the meeting room without you in there first.
- Store Zoom recordings properly. Beware that if you’re storing them on the cloud, someone could break into the service and have access to the recordings. So instead of depending on a third-party storage provider, it might be better to encrypt the files yourself on your system and store them in your most preferred way.
- Keep your computer clean and optimized for top performance. Utilizing a reputable system optimization tool can help maintain your Windows system, clean out unnecessary files, and address significant speed and stability issues.
The recently discovered and divulged Zoom app vulnerability put business meetings at risk by disrupting conferences and hijacking screen controls, spoofing chat messages, and kicking attended out of the call.
Zoom swiftly addressed the problem by patching its server and releasing updates to its Windows, Mac, and Linux apps.
Were you affected by this recent Zoom bug? Tell us about your experience!