Zoom Bug is Giving Attackers Control over Your Computer, here’s What You Need to Know

Enterprise Team

As millions turn to Zoom while working from home during the Coronavirus quarantine, researchers now say that the video conferencing platform has two bugs capable of converting network locations into clickable links.

TechCrunch additionally reports that the bugs “can be abused to steal Windows passwords, another security researcher found two new bugs that can be used to take over a Zoom user’s Mac, including tapping into the webcam and microphone.”

On Wednesday, Patrick Wardle, a former NSA hacker, revealed on his blog that the two bugs “can be launched by a local attacker — that’s where someone has physical control of a vulnerable computer. Once exploited, the attacker can gain and maintain persistent access to the innards of a victim’s computer, allowing them to install malware or spyware.”

According to Wardle, an attacker can inject malicious code into Zoom to trick it into giving the attacker the same access to the webcam and microphone that Zoom already has.

Once an attacker tricks Zoom into loading malicious code, the code will “automatically inherit” any or all of Zoom’s access rights, Wardle says — “and that includes Zoom’s access to the webcam and microphone.”

So far, Zoom has neither fixed the bugs nor responded to these concerns. Unfortunately, there’s nothing Zoom users can do, and there’s no easy way to determine whether they’ve already been hacked. Wardle recommends that users who care about security and privacy consider finding another solution and stop using Zoom.

However, Mashable recommends that, to protect yourself at least for now, you go to Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers and set it to “Deny all”.
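The same policy can be checked and set from an elevated PowerShell prompt through its backing registry value, `RestrictSendingNTLMTraffic` (0 = Allow all, 1 = Audit all, 2 = Deny all). This is an added example, not code from the article or from Mashable; the function names `Get-OutgoingNtlmPolicy` and `Set-OutgoingNtlmPolicy` are hypothetical helpers defined here.

```powershell
# Added example: read or set "Network security: Restrict NTLM: Outgoing NTLM
# traffic to remote servers" via the registry value behind the policy.
# Run elevated. Function names are hypothetical helpers, not built-in cmdlets.
$LsaKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
$ValueName = 'RestrictSendingNTLMTraffic'
$Meaning   = @{ 0 = 'Allow all'; 1 = 'Audit all'; 2 = 'Deny all' }

function Get-OutgoingNtlmPolicy {
    $item = Get-ItemProperty -Path $LsaKey -Name $ValueName -ErrorAction SilentlyContinue
    # A missing value means the policy is not configured, which behaves as "Allow all".
    $raw = if ($null -ne $item) { [int]$item.$ValueName } else { 0 }
    [pscustomobject]@{
        Configured = ($null -ne $item)
        Value      = $raw
        Setting    = $Meaning[$raw]
    }
}

function Set-OutgoingNtlmPolicy {
    param(
        [Parameter(Mandatory)]
        [ValidateSet('AllowAll', 'AuditAll', 'DenyAll')]
        [string]$Mode
    )
    $map = @{ AllowAll = 0; AuditAll = 1; DenyAll = 2 }
    # -Force creates the value if absent and overwrites it if present.
    New-ItemProperty -Path $LsaKey -Name $ValueName -PropertyType DWord `
        -Value $map[$Mode] -Force | Out-Null
    Get-OutgoingNtlmPolicy
}

# Report the current state of the machine.
Get-OutgoingNtlmPolicy

# Uncomment one of the following to change the setting:
# Set-OutgoingNtlmPolicy -Mode AuditAll   # log outgoing NTLM first to see what would break
# Set-OutgoingNtlmPolicy -Mode DenyAll    # the setting recommended above
```

“Deny all” also blocks legitimate NTLM logons to file shares, printers and older servers, so running in “Audit all” first and reviewing the Microsoft-Windows-NTLM/Operational event log shows what depends on it. On domain-joined machines a Group Policy that configures this setting will overwrite a locally written value.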

The new findings are not the first privacy- or security-related issues to be found at Zoom. On Tuesday, The Intercept reported that Zoom does not use an end-to-end encrypted connection for its calls, despite claiming to do so. Additionally, there is the issue of leaking users’ emails and photos to unrelated parties, and the fact that the company’s iOS app, until recently, sent data to Facebook for no good reason.
