Security Expert On Zoom Zero-day Vulnerability

Video conferencing software Zoom is working on patching a zero-day vulnerability that was disclosed online earlier today in a blog post by cyber-security firm ACROS Security. The security firm said the zero-day impacts Zoom’s Windows client, but only when the clients are running on old Windows OS versions, such as Windows 7 and Windows Server 2008 R2 and earlier.

Experts Comments

July 10, 2020
Timothy Chiu
Vice President of Marketing
K2 Cyber Security
This latest vulnerability is a good reminder that vulnerabilities can have dependencies on other applications and operating systems. It’s best security practice to make sure all the components, including the OS on a system, are up to date -- it’s not enough to have just the application up to date. What makes this case worse is that the OS (Windows 7) involved in this latest vulnerability is one that’s no longer supported by Microsoft. Unsupported code has the added problem that it’s.....Read More
This latest vulnerability is a good reminder that vulnerabilities can have dependencies on other applications and operating systems. It’s best security practice to make sure all the components, including the OS on a system, are up to date -- it’s not enough to have just the application up to date. What makes this case worse is that the OS (Windows 7) involved in this latest vulnerability is one that’s no longer supported by Microsoft. Unsupported code has the added problem that it’s unlikely a fix will be forthcoming. In this case, Zoom may be able to fix their code, but it’s not likely any help will come from Microsoft.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.