Security researchers at Bleeping Computer have discovered another security flaw in the video conferencing application Zoom.
Zoom is a web-based application that allows multiple individuals to log in to an online conference.
Like many similar conferencing apps, the developers of Zoom created it for enterprise purposes. Aside from allowing users to communicate with each other, Zoom also supports file exchanges.
It’s no wonder that Zoom’s popularity has soared during the current coronavirus lockdown. More people working from home are now using the video conferencing platform for meetings, classes, and social gatherings.
Unfortunately, Zoom has been beset with security issues.
For example, the FBI warned that hackers could break into a Zoom meeting to create disruption. Although the host of the meeting can kick the troublemaker out, such an individual can return using a new user ID.
Now, it appears the app has a more severe security flaw.
According to researchers at Bleeping Computer, Zoom allows hackers to steal Microsoft Windows passwords. Armed with this information, attackers can access programs and data on computers and network servers.
Here’s how it works.
Using Zoom to Steal User Passwords on Windows Computers
It begins when an attacker joins a meeting to share a link. Clicking on this malicious link then sends the user’s credentials to the attacker.
In turn, the hacker can use the information in the credentials to access the user’s computer. According to security researcher Matthew Hickey, the attacker can even use the exploit to launch a program on a victim’s computer.
Here’s why it works.
Upon clicking on the link, Windows tries to connect to a remote site using the SMB file-sharing protocol before opening a file specified in the link. This form of attack is called a UNC path injection.
The exploit is effective because Windows doesn’t hide a user’s login name and password when they try to access a remote server. While the password is encrypted, the encryption is only a minor obstacle, since several third-party tools can crack it.
According to reports, engineers at Zoom are working to fix the security flaw.
Until such an update arrives, you can avoid the vulnerability by changing your Windows settings. Consider turning off automatic transmission of NTLM credentials to a remote server.
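The UNC path injection described above depends on a chat message carrying a path to a remote host, so such paths can be found and neutralized before anyone sees a clickable link. The following Python is an added example, not Zoom's fix and not code from the original article; the function names, the replacement text and the sample messages are assumptions constructed for illustration.

```python
import re
from typing import List, NamedTuple


class UncHit(NamedTuple):
    raw: str    # text as it appeared in the message
    host: str   # remote machine Windows would contact over SMB
    share: str  # share name on that machine


# One Windows path component: no separators, whitespace or reserved characters.
_COMP = r'[^\\/\s:*?"<>|]+'
# Backslash form: \\host\share\optional\path
_UNC = re.compile(
    r'(?<!\\)\\\\(?P<host>[A-Za-z0-9._-]+)\\(?P<share>' + _COMP + r')(?:\\' + _COMP + r')*'
)
# URL form that also names a remote host: file://host/share/...
_FILE_URL = re.compile(
    r'(?<![A-Za-z])file://(?P<host>[A-Za-z0-9._-]+)/(?P<share>[^/\s]+)(?:/\S*)?',
    re.IGNORECASE,
)
# "." is the local device namespace (\\.\pipe\...), not a remote server.
LOCAL_HOSTS = {"localhost", "127.0.0.1", "."}


def find_remote_unc(message: str) -> List[UncHit]:
    """Return every path in a chat message that points at a remote SMB host."""
    hits = []
    for pattern in (_UNC, _FILE_URL):
        for m in pattern.finditer(message):
            if m.group("host").lower() not in LOCAL_HOSTS:
                hits.append(UncHit(m.group(0), m.group("host"), m.group("share")))
    return hits


def defang(message: str) -> str:
    """Replace remote UNC paths with inert text so they are not rendered as links."""
    for hit in find_remote_unc(message):
        message = message.replace(hit.raw, "[blocked UNC path to host %s]" % hit.host)
    return message


if __name__ == "__main__":
    # Constructed sample messages; example.test and 203.0.113.7 are reserved test names.
    for sample in (r"Agenda: \\files.example.test\shared\agenda.docx",
                   "Notes: https://example.test/notes",
                   "Tool: file://203.0.113.7/tools/readme.txt"):
        print(defang(sample))
```

Ordinary web links and local device paths such as `\\.\pipe\...` pass through unchanged; only paths that name another machine are rewritten.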