February 14, 2024 at 09:03AM
Zoom patched seven vulnerabilities in its desktop and mobile applications, including a critical-severity bug in Windows software (CVE-2024-24691). The company also addressed high-severity and medium-severity flaws, warning of potential exploitation for conducting denial-of-service attacks or leaking information. Users are urged to update their applications to the latest releases. No reported exploitation in malicious attacks yet.
The meeting notes provide information about the security vulnerabilities identified in Zoom’s desktop and mobile applications. These vulnerabilities include critical, high, and medium severity issues that could potentially allow attackers to escalate privileges, exploit untrusted search paths, and lead to information leaks. The company has released patches for these vulnerabilities and advises users to update their applications to the latest available releases.
It is noted that Zoom has not mentioned any of these vulnerabilities being exploited in malicious attacks, and additional information on the bugs can be found on Zoom’s security bulletins page.
This information is crucial for assessing and addressing potential security risks to ensure the safe usage of Zoom’s applications across different platforms.