Zoom Patches High-Risk Flaws in Meeting Connector, Keybase Client Video Messaging

The use of video conferencing applications skyrocketed throughout the pandemic of 2020 and 2021. Although vendors such as Zoom were lifesavers for businesses and their remote employees, their systems have proven to be vulnerable to attack by cybercriminals. Most recently, Zoom’s developers released patches designed to close serious weaknesses in the program that exposed users to command injection and code execution attacks.

In numerous security bulletins published by the company, users were warned in particular about three security flaws. These vulnerabilities affect its popular meeting connector software and Keybase Client applications. The issue lies with the network proxy page for these products. When a user sets the network proxy password, the system fails to validate the input. As a result, a web portal administrator could inject false or destructive commands.

Additionally, Zoom’s security response team informed their user base of a path traversal bug known as CVE-2032-34422 that affects Keybase Client for Windows. In versions before 5.7.0, problems could arise when viewing names uploaded to a team folder. Before this security hole was plugged, a bad actor could upload a file into a shared folder with a specially crafted name. That name gave the criminal user the ability to run unauthorized applications on the host server.
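The class of check that a crafted file name has to pass, as an added example that is not Keybase or Zoom code: it validates an uploaded name under Windows path rules before anything is written to a shared folder. The folder path, the function names and the sample names are constructed for illustration.

```python
import ntpath
from pathlib import PureWindowsPath

# Device names Windows reserves regardless of extension.
RESERVED = {"CON", "PRN", "AUX", "NUL"} | {
    f"{p}{i}" for p in ("COM", "LPT") for i in range(1, 10)}

def naive_destination(team_folder, uploaded_name):
    """Unchecked join, for contrast: the name decides where the file lands."""
    return ntpath.normpath(ntpath.join(team_folder, uploaded_name))

def safe_destination(team_folder, uploaded_name):
    """Return the path to write to, or raise ValueError for an unsafe name."""
    if not uploaded_name or any(ord(c) < 32 for c in uploaded_name):
        raise ValueError("empty name or control character")
    # Both separators count on Windows; ':' covers drive letters and
    # NTFS alternate data streams.
    if any(c in uploaded_name for c in "\\/:"):
        raise ValueError("separator or colon in name")
    if uploaded_name in (".", "..") or uploaded_name != uploaded_name.rstrip(" ."):
        raise ValueError("dot name or trailing dot/space")
    if uploaded_name.split(".")[0].upper() in RESERVED:
        raise ValueError("reserved device name")
    # Defence in depth: normalise, then confirm the parent is the folder.
    root = ntpath.normpath(team_folder)
    dest = ntpath.normpath(ntpath.join(root, uploaded_name))
    if PureWindowsPath(dest).parent != PureWindowsPath(root):
        raise ValueError("resolved path leaves the team folder")
    return dest

def check(team_folder, names):
    """Map each name to its destination or to the rejection reason."""
    out = {}
    for name in names:
        try:
            out[name] = safe_destination(team_folder, name)
        except ValueError as err:
            out[name] = f"REJECTED: {err}"
    return out

# Constructed sample input, not taken from any advisory.
FOLDER = r"C:\Teams\alpha"
SAMPLES = ["report.pdf", r"..\..\outside\tool.bat", "../x.ps1",
           "C:other.msi", "NUL.txt", "..", "notes.txt."]

if __name__ == "__main__":
    print("naive:", naive_destination(FOLDER, SAMPLES[1]))
    for name, result in check(FOLDER, SAMPLES).items():
        print(f"{name!r:32} -> {result}")
```
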

Finally, the company’s security officials released a patch to address a medium-risk bug in the Zoom Client for Meetings installer. In versions before 5.5.4, the signature of files with .msi, .ps1, and .bat extensions was not properly verified. As a result, a cybercriminal could potentially install malware onto the system.

Zoom software does not contain an automatic update feature. Therefore, the company recommends that you manually check your systems to ensure that the versions you are running are current.
