Expert Advice on Zoom Zero-Day Vulnerability That Allows Hackers to Target Windows 7 PCs

A previously unknown flaw in the videoconferencing software Zoom could allow a hacker to remotely commandeer computers running old versions of the Microsoft Windows operating system, security researchers said Thursday. A hacker who successfully exploits the vulnerability could access files on the vulnerable computer, said Mitja Kolsek, chief executive of ACROS Security, the Slovenian cybersecurity firm that highlighted the issue. “If the user is a local administrator, the attacker could completely take over the computer,” Kolsek told CyberScoop. The “zero-day” vulnerability applies to Zoom software running on Windows 7, or even older operating systems. More information: https://www.cyberscoop.com/zoom-zero-day-windows-7-acros/

Expert Comments

July 13, 2020
Boris Cipot
Senior Sales Engineer
Synopsys
Although Microsoft Windows 10 makes up the majority of existing Windows operating systems, there is still a substantial number of Windows 7 systems in use. What is most concerning is that many using these older systems are, in fact, governmental and public sector infrastructures. The good news is that Zoom has acknowledged this vulnerability as critical and is already working on a way to remediate it. However, the question now is, what will impacted users do to avoid the risk of exposure? Since the discovery of this vulnerability, Zoom has not yet had the time to repair it. As such, users are advised to be careful. As Zoom is easy to re-install, users would do well to remove Zoom from affected machines, and then reinstall it once the threat has been removed.
July 13, 2020
Brian Higgins
Security Specialist
Comparitech.com
Windows 7 is no longer supported by Microsoft and users don’t receive any security updates. I’m therefore not at all surprised that they are vulnerable to a new, zero-day attack. However expensive it is to upgrade to supported software, it’s still got to be better than leaving yourself, your devices, or even your organisation open to anyone who wants to download a bit of malware and take a pop at you. Take the hit and protect yourself. It’s the only solution.