Technology 2 min read

Video Conferencing Application Zoom has Another Security Flaw

Julio Ricco / Shutterstock.com

Julio Ricco / Shutterstock.com

Security researchers at Bleeping Computer have found a new security flaw in Zoom that allows hackers to steal user passwords.

Security researchers at Bleeping Computer have discovered another security flaw in the video conferencing application Zoom.

Zoom is a web-based application that allows multiple individuals to log in to an online conference.

Like many similar conferencing apps, the developers of Zoom created it for enterprise purposes. Aside from allowing users to communicate with each other, Zoom also supports file exchanges.

It’s no wonder that Zoom’s popularity has soared during the current coronavirus lockdown. More people working from home are now using the video conferencing platform for meetings, classes, and social gatherings.

Unfortunately, Zoom has been beset with security issues.

For example, the FBI warned that hackers could break into a Zoom meeting to create disruption. Although the host of the meeting can kick the trouble maker out, such an individual can return using a new user ID.

Now, it appears the app has a more severe security flaw.

According to researchers at Bleeping Computer, Zoom allows hackers to steal Microsoft Windows password. Armed with this information, attackers can access programs and data on computers and network servers.

Here’s how it works.

Using Zoom to Steal User Passwords on Windows Computers

It begins when an attacker joins a meeting to share a link. Clicking on this malicious link then sends the user’s credentials to the attacker.

In turn, the hacker can use the information in the credentials to access the user’s computer. According to security researcher Matthew Hickey, the attacker can even use the exploit to launch a program on a victim’s computer.

Here’s why it works.

Upon clicking on the link, Windows tries to connect to a remote site using the SMB file-sharing protocol before opening a file specified in the link. This form of attack is called a UNC path injection.

The exploit is effective because Windows doesn’t hide a user’s login name and password when they try to access a remote server. While the password is encrypted, the encryption is a minor inconvenience that several third-party tools can crack.

According to reports, engineers at Zoom are working to fix the security flaw.

Until such an update arrives, you can avoid the vulnerability by changing your Window settings. Consider turning off automatic transmission of NTML credentials to a remote server.

Read More: Microsoft Reports Critical Security Vulnerability in Windows

First AI Web Content Optimization Platform Just for Writers

Found this article interesting?

Let Sumbo Bello know how much you appreciate this article by clicking the heart icon and by sharing this article on social media.


Profile Image

Sumbo Bello

Sumbo Bello is a creative writer who enjoys creating data-driven content for news sites. In his spare time, he plays basketball and listens to Coldplay.

Comments (0)
Most Recent most recent
You
share Scroll to top

Link Copied Successfully

Sign in

Sign in to access your personalized homepage, follow authors and topics you love, and clap for stories that matter to you.

Sign in with Google Sign in with Facebook

By using our site you agree to our privacy policy.