A potential vulnerability was uncovered with the Zoom video conferencing platform. Read on to see what steps you can take to protect affected computers and users.
What it is
Earlier this week, media outlets picked up a story about a vulnerability uncovered by a security researcher in which an attacker could theoretically lure a target into clicking a link to a Zoom meeting. A Mac user who has Zoom installed, or had it installed previously, could click the link, causing the Zoom app to launch automatically. If the app were configured to automatically enable video when joining a meeting, the attacker would have immediate access to the victim’s webcam video feed.
Fortunately, the severity is not as dramatic as many news articles state. First, you have to be tricked into clicking an unknown link, and users are increasingly aware that this is a bad idea. Second, if you unintentionally enter a Zoom meeting, the Zoom app will move to the foreground, so it should be obvious that this has occurred and you can leave the meeting right away. Third, an attacker would have no access to the data on your computer and no ability to execute malware. In reality, this threat is less severe than a typical phishing attack, where clicking a malicious link can have far greater consequences that often go unnoticed.
Still, Zoom has responded to the uproar by pushing out an emergency update for their Mac app that removes the ability to join meetings with a single click and allows users to easily uninstall Zoom completely. A forthcoming update for Mac and Windows will allow users to more easily manage their default video settings when joining meetings.
What you can do now
Mac and Windows Users—Update Privacy Settings:
Click your user icon (usually your initials) in the top right > Settings
Check the box for Turn off my video when joining a meeting
Mac Users—Update Zoom:
Some users will be prompted to update, or their app will update and restart automatically
Otherwise, click the zoom.us menu in the top menu bar > Check for Updates…
Launch or continue security awareness training for your users
How you can be better prepared
Phishing attacks such as this will continue to be a problem impacting a variety of applications. We recommend that organizations continue to invest in ongoing security awareness training for their users.
In addition, more security-conscious operations may be interested in automatically forcing the installation of third-party application patches, such as the one issued by Zoom today. If this is of interest to you, please reach out to Kinetix for more information at firstname.lastname@example.org or through our contact form.