dataendure-banner.jpg

DataEndure Blog

Security

Security Advisory: Critical Vulnerability Found in Zoom Meetings Platform

Shahin Pirooz | Dec 5, 2018 2:02:51 PM

Situation
A critical vulnerability was found in the Zoom meetings platform that affected all Zoom products.

Problem
The vulnerability could allow a malicious user to control Zoom meeting functions and, if a user was sharing their desktop, take control of the mouse and keyboard.

Implication 
If a malicious user were to take control of the desktop mouse and keyboard, they would have full access of the system.

Need
Zoom has issued a fix for the issue that users should use to update. 

Fixed Versions:

Zoom Client:
Windows: 4.1.34460.1105
Mac: 4.1.34475.1105
Linux: 2.5.146186.1130
IOS: 4.1.18 (4460.1105)
Android: 4.1.34489.1105
Chrome: 3.3.1635.1130 

Zoom Rooms:
Windows: 4.1.6 (35121.1201)
Mac: 4.1.7 (35123.1201)
Chrome: 3.6.2895.1130

Zoom SDK:
Windows: 4.1.30384.1029
Mac: 4.1.34180.1026
IOS: 4.1.34076.1024
Android: 4.1.34082.1024

Zoom Cloud:
Conference Room Connector: Scheduled for early December
Skype for Business Connector: Completed 12/1/2018

Zoom On-Premise Products:
Virtual Room Connector: 4.1.4813.1201
Meeting Connector: 4.3.135059.1129
Recording Connector: 3.6.58865.1130

Sign-up for DataEndure’s Free Vulnerability Health Check