BleepingComputer reports a recently discovered vulnerability in Zoom that allows an attacker to steal Windows login credentials from other users. The problem lies in how Zoom's chat handles links: it converts Universal Naming Convention (UNC) paths, the format used for Windows network shares, into clickable links. If a user clicks such a link, Windows attempts to connect to that remote host and in doing so discloses the user's Windows login name and (hashed) password.
The good news is that the password is hashed; the bad news is that in many cases it is simple to recover it with password recovery tools such as Hashcat.
The vulnerability was first discovered by security researcher @_g0dmode and verified by security researcher Matthew Hickey. Hickey also told the media that the vulnerability can be used to launch programs on a victim's computer when they click a link, although Windows by default shows at least one security warning before starting the program.
As security vulnerabilities go, this is pretty bad, because exploiting it does not require much knowledge. It does require the victim to actually click a link, and it can be mitigated by tweaking Windows security settings, but it is certainly something Zoom should fix by changing the way the platform's chat handles UNC links.
In the meantime, as a quick fix, go to Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers, and set it to "Deny all".
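The setting above can also be applied and checked from an elevated PowerShell prompt. The script below is an added example, not code from the article, from Zoom, or from Microsoft. It assumes (this is not stated in the article) that the policy is backed by the registry value RestrictSendingNTLMTraffic under HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0, with 0 = Allow all, 1 = Audit all and 2 = Deny all, and that audited or blocked outgoing NTLM attempts are recorded as event ID 8001 in the Microsoft-Windows-NTLM/Operational log. It switches to Audit mode first so that any internal file servers or printers that still depend on outgoing NTLM show up in the log before the setting is tightened to "Deny all".

```powershell
# Added example (not from the article): manage the "Restrict NTLM: Outgoing NTLM
# traffic to remote servers" policy through the registry value that backs it.
# Assumed key, value name and meanings (0/1/2) are documented in the lead-in.
$KeyPath   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
$ValueName = 'RestrictSendingNTLMTraffic'
$Modes     = @{ AllowAll = 0; AuditAll = 1; DenyAll = 2 }

function Get-OutgoingNtlmRestriction {
    # Returns the current mode name, or 'NotConfigured' when the value is absent.
    $item = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'NotConfigured' }
    $current = $item.$ValueName
    $match = $Modes.GetEnumerator() | Where-Object { $_.Value -eq $current } | Select-Object -First 1
    if ($match) { return $match.Key } else { return "Unknown($current)" }
}

function Set-OutgoingNtlmRestriction {
    # Writes the policy value and returns the mode that is now in effect.
    param([Parameter(Mandatory)][ValidateSet('AllowAll', 'AuditAll', 'DenyAll')][string]$Mode)
    if (-not (Test-Path $KeyPath)) { New-Item -Path $KeyPath -Force | Out-Null }
    Set-ItemProperty -Path $KeyPath -Name $ValueName -Value $Modes[$Mode] -Type DWord
    return (Get-OutgoingNtlmRestriction)
}

function Get-AuditedOutgoingNtlm {
    # Lists outgoing NTLM attempts logged while in AuditAll (or blocked in DenyAll).
    # Assumed log name and event ID (8001); see lead-in.
    param([int]$Hours = 24)
    Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-NTLM/Operational'
        Id        = 8001
        StartTime = (Get-Date).AddHours(-$Hours)
    } -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, Message
}

# Usage: record the starting point, audit first, review the log, then deny.
Write-Host "Current mode: $(Get-OutgoingNtlmRestriction)"
Set-OutgoingNtlmRestriction -Mode AuditAll
# After a day or so of normal use, see which hosts still need outgoing NTLM:
Get-AuditedOutgoingNtlm -Hours 24 | Format-Table -AutoSize
# Once nothing legitimate appears, apply the article's recommended setting:
# Set-OutgoingNtlmRestriction -Mode DenyAll
```

The registry route takes effect for the local machine only; on a domain the same policy is normally pushed by Group Policy, which will overwrite a locally set value. "Deny all" will also stop legitimate NTLM authentication to remote servers, which is why the example audits before it blocks.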
Mashable contacted Zoom for comment on this story and will update it if the company responds.
This is not the only privacy or security issue discovered at Zoom in the past two weeks. Just yesterday, The Intercept reported that Zoom does not actually use end-to-end encryption for its calls, although it claims to. There is also the disclosure of user emails and photos to unrelated parties, and the fact that the company's iOS app, until recently, sent data to Facebook without a valid reason.
The Zoom software also has some disturbing privacy features, and, while this is not Zoom's fault, it should be noted that hackers are using the app's new popularity to entice users into downloading malware.