The security flaw of the zoom allows others to see too much

The security flaw of the zoom allows others to see too much

A security glitch in Zoom's screen sharing feature could put users' data at risk The glitch allows a portion of the presenter's screen that should not be visible to be seen for a short period of time

This means that the presenter may inadvertently reveal sensitive information such as usernames and passwords without the presenter being aware of it Furthermore, there is always the possibility that something embarrassing could be displayed at the same time

Zoom allows presenters to share a view of the entire screen, a specific application, or a small area of the screen discovered by SySS security consultants Michael Strametz and Matthias Deeg, this new flaw means that "under certain conditions" a single application view will not function properly

Instead of broadcasting only one application, viewers can briefly see other windows on the presenter's screen

Researchers have found that other applications are only open for "a brief moment," but may be enough for a cautious viewer to catch a glimpse of sensitive information

Be especially careful if one of the participants is recording a meeting Even if people are unable to register the information for a brief moment while other screens are visible, viewers can still go back and snoop through the recording

Of course, exploiting this bug is challenging because the attacker must actually be present on the call The severity also depends on what data is being shared Items such as password manager screens would be a major concern, as would the contents of sensitive emails

Also, if other Zoom meeting attendees saw you looking at a cute animal Reddit page, it wouldn't be as serious a problem It might be a little embarrassing to have it out in the open for everyone to see, but it would not adversely affect your life

The flaw was reported to Zoom on December 2, but the researchers are "unaware of any fixes"; the current version of Zoom for Windows, version 554 (131420301), still contains the vulnerability, which, according to the researchers, "is not reliably reproducible way" to occur

Zoom told Threatpost that it is aware of the issue and is working to resolve it In the meantime, you need to be more careful when presenting on Zoom Do not open applications that you wish to keep private

Categories