This year has had moments of sweet and sour for Zoom. Its explosive growth in users during quarantine and its consolidation in the collective consciousness as one of the video calling applications par excellence has been tainted by the presence of some security flaws in the platform.
A security flaw in your application that affected Windows 7, the second most used version of this operating after Windows 10, was recently corrected for its potential danger for millions of users. This, despite this operating system has already been declared discontinued by Microsoft.
To correct this vulnerability, Zoom users running the application from Windows 7 or earlier have been invited to download a security patch that will prevent their computers from being attacked by cybercriminals.
Details of the problem and official solution
This update came after revealing a report a week ago, issued by the Slovenian cybersecurity firm ACROS Security, who detected this flaw that would allow an external attacker to remotely seize a computer that runs the Zoom application under some version of Windows excluded from the software. current security update cycles.
After receiving an anonymous report, the company verified that anyone could successfully exploit this vulnerability by using an exploit, which would allow access to the files on the attacked computer and even take over the entire device.
We analyzed the problem and determined that it is only exploitable on Windows 7 and earlier systems. Although Microsoft’s official support for Windows 7 has ended this January, there are still millions of home and corporate users who are prolonging their lives with Microsoft’s extended security updates or 0patch, commented Mitja Kolsek, CEO of the firm regarding this case. known as zero-day fault.
Through 0patch, ACROS Security’s security advisory service, the aforementioned company offered a temporary patch, free of charge, for anyone who downloaded the 0patch agent. However, due to the subsequent arrival of an official solution by Zoom, this alternative was rejected.
The impact on older versions of Windows
The scope of a vulnerability of these dimensions is not less, considering that despite its age, Windows 7 continues on the podium within the versions of this operating system, concentrating almost 20% of the preferences, surpassing Windows 8.1 and ranking below only Windows 10.
In this context, Microsoft has insisted on convincing Windows 7 users to update their computers to newer versions of the operating system. However, statistics show that this campaign has not been so successful, despite even offering free updates to Windows 10.
It should be remembered that by not receiving more security updates, an operating system such as Windows 7 or an older version is mostly vulnerable to exposures of this type. For this reason, its use is not recommended for daily activities, to avoid dangers such as the one described here. Herein lies the importance of keeping a computer up to date.
Fortunately, those who were exposed to this risk can breathe easy. If they have the most up-to-date version of the application, the bug does not run.