However, he says “internal security folks in Zoom should be reviewing this behaviour.” It’s true that Zoom is the app du jour, so is this influx of scrutiny and resulting surge in reported vulnerabilities fair? Ian Thornton-Trump, chief security officer at Cyjax says: “What we are seeing is a brutal pummelling of a company that has more marketing genius than development acumen.” MORE FROM FORBES Beware Zoom Users: Here's How People Can 'Zoom-Bomb' Your Chat By Kate O'Flaherty The app’s privacy policy details pretty intrusive data collection, while Zoom is prone to a security risk called “ Zoom bombing.” Meanwhile the app is not end-to-end encrypted, rendering it unsuitable for very sensitive video meets and chats. Over the last week, I’ve reported on multiple concerning security and privacy issues impacting Zoom. “We are in the process of updating our installer to address one issue and will be updating our client to mitigate the microphone and camera issue.” Multiple issues with Zoom “Really, they are low hanging fruit, meaning that security and secure design was not a consideration when creating this product.”Ī Zoom spokesperson sent me a statement over email, which reads: “We are actively investigating and working to address these issues. “Zoom’s security and privacy track record is rather poor–and these bugs are trivial to exploit,” says Wardle. Once Zoom has been tricked into loading the malicious code, it gains all Zoom access rights. While a user needs to give their consent for Zoom to use the webcam or mic, Wardle explains how an attacker could inject malicious code into Zoom to force the app to provide access.
Meanwhile, the second issue found by Wardle exploits a flaw in the way Zoom handles the Mac’s webcam and microphone. MORE FROM FORBES Google Just Confirmed Major Chrome Update Following Powerful COVID-19 Security Move By Kate O'Flaherty
0 kommentar(er)
