If you have been using the Zoom app for all video meetings and virtual meetings, you should update your app soon. That's because a security loophole in security allowed hackers to install malware on your computer, Android, and iOS devices. As per reports, the hackers first send a simple message to the target device and then the malware gets installed illegally in the device. Zoom has now acknowledged the bug.
Also Read: Some Kindle models will lose access to the Kindle store
As per reports, the Zoom client for meetings runs on Android, iOS, Linux, macOS and Windows systems prior to version 5.10.0. "The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) prior to version 5.10.0 fails to properly validate the hostname during a server switch request. When trying to use Zoom services This problem could be used in a more sophisticated attack to trick an unsuspecting user's client into connecting to a malicious server," Zoom noted in a blog post. The bug was discovered by Google's Project Zero Bug Hunter. Evan Fratrick, who reported the issue to Zoom back in February.
"An attacker should only be able to send a message to a victim over Zoom chat over the XMPP protocol," Fratrick said in a blog post. The messages are crafted in a special way to target innocent users and insert malicious code on the victim's device. The worst part is that even if the user does not interact with the threat message, it will still be injected into his computer or phone. Devices including Android, iPhone and Windows can be easily targeted using this malware.
“This report describes a vulnerability chain that enabled a malicious user to compromise another user on Zoom Chat. User interaction is not required for a successful attack. An attacker only needs to be able to send a message to the victim on Zoom Chat over the XMPP protocol,” Fratik said. Zoom flagged the seriousness of the threat as "high". All Zoom users are advised to download the latest update V5.10.0 and avoid opening any kind of malicious links or interacting with text messages.
------ END OF ARTICLE ------
EDITOR'S PICK
Also Read: Redmi Note 11T Pro series launched with MediaTek 8100 chipset
Also Read: iPhone 14 may arrive in September: Should you wait, or buy iPhone 13?
Also Read: Vimeo Unveils Automatic SEO Capabilities