Zoom Zero-day Vulnerability Allows Hackers To Trigger Remote Code Execution
Zoom Zero-day vulnerability has been disclosed by security researchers during the Pwn2Own contest, which is a contest for cybersecurity professionals to compete in the discovery of bugs and vulnerabilities. Zoom hasn't had time to patch the bug yet, so technical details aren't disclosed to the public, however, the demonstration shows how an attacker was able to open the calculator on the same machine that is running Zoom following its exploit. The exploit works on Windows and Mac Zoom versions and is yet to be tested on iOS and Android. According to Zoom, an attack has to originate from an accepted external contact or be a part of the target's same organizational account, so it is recommended to only accept calls from trusted sources. Read more...