October 26, 2020

Update: Zoom issues fix for UNC vulnerability that lets hackers steal Windows credentials via chat

Update: After this story and others went live April 1, Zoom CEO Eric Yuan addressed Zoom security and other issues in a blog post. Part of the blog post detailed a bug fix to be released, which would fix the UNC vulnerability described in our origin...

Update: After this story and others went live April 1, Zoom CEO Eric Yuan addressed Zoom security and other issues in a blog post. Part of the blog post detailed a bug fix to be released, which would fix the UNC vulnerability described in our original story, among other things. The fix appears to be pushing out automatically to users. PCWorld staff who’ve already received the fix report the version number as 4.6.9 (19253.0401).

An unpatched vulnerability within Zoom allows an attacker to drop a malicious link into a chat window and use it to steal a Windows password, according to reports.

To read this article in full, please click here