Zoom Remote Code Execution Security Vulnerability Found For Windows And MacOS
We're still confirming the details of the #Zoom exploit with Daan and Thijs, but here's a better gif of the bug in action. #Pwn2Own #PopCalc pic.twitter.com/nIdTwik9aW
— Zero Day Initiative (@thezdi) April 7, 2021
Since the vulnerability was discovered and confirmed, it has been reported that this attack works on Windows and macOS but has not yet been tested on mobile platforms. In a statement to Malwarebytes, Zoom explained that it is now working to mitigate the issue across the board, thanks to the researchers. It also reported that “the attack must also originate from an accepted external contact or be a part of the target’s same organizational account,” so it likely will not be a widespread issue in the future. In any case, it is still cool to see things like this pop up, so let us know what you think of this vulnerability find in the comments below.