Many sources and websites confirmed that the famous video communications app company Zoom is working on fixing a new security vulnerability that may compromise many users.
According to the experts, this vulnerability has no noticeable effect on mobile users or windows 8 and windows 10 users.
The vulnerability was reported by 0patch security company. 0patch co-founder and CEO Mitja Kolsek stated that the memory corruption issue in Windows could be used for Remote Code Execution (RCE) and goes without security warnings being shows to the user during the attack.
Kolsek also said that 0patch reported the issue to Zoom’s team and issued a security patch to stop this kind of attacks until Zoom release the fix.
As there was no technical details about this vulnerability, a statement from Zoom received by znet, confirmed the accuracy of the ported issue.
Zoom’s spokesman statement:
“Zoom takes all reports of potential security vulnerabilities seriously. This morning we received a report of an issue impacting users running Windows 7 and older. We have confirmed this issue and are currently working on a patch to quickly resolve it.”
A Zoom spokesperson could not commit to a timeline of when the fix would be available due to the unpredictability of developing a comprehensive fix; however, a patch is currently in the works.
On its side, Zoom postponed working on all new features and focusing mainly on bug fixing ,privacy and security improvements.