0day flaw discovered in Zoom, patch already available

Jul 12, 2020 07:59 GMT  ·  By

A remote code execution vulnerability has been discovered in the Zoom client for Windows, and by the looks of things, only systems where Windows 7 is installed are actually exposed.

Security company 0patch, which published a micropatch for the flaw before Zoom itself fixed it, explains that a remote attacker can exploit the vulnerability simply by convincing a user to perform an ordinary action such as opening a file.

Once the malicious document is loaded, the attacker can execute code on the machine, with no warning displayed on the victim’s computer.

While the flaw exists in the Zoom client on all Windows versions, only Windows 7 computers are exposed.

“This vulnerability is only exploitable on Windows 7 and earlier Windows versions. It is likely also exploitable on Windows Server 2008 R2 and earlier though we didn't test that; either way, our micropatch will protect you wherever you're using Zoom Client,” 0patch notes.

Official fix already available

Zoom has already patched the bug in version 5.1.3 of its Windows client. Users who previously installed the 0patch micropatch don’t need to do anything when applying the official Zoom fix, as the micropatch becomes obsolete automatically.

At the end of the day, this vulnerability shows just how important it is to always run a supported version of Windows.

The official support for Windows 7 came to an end in January this year, which means that the 2009 operating system is no longer getting any new updates and security patches from Microsoft. Additional fixes are shipped through custom security updates (available for a fee) or through third-party products such as 0patch. As this vulnerability proves, Windows 10 comes with additional protections in place that very often keep users and their data protected when new vulnerabilities are discovered.
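For administrators who want to confirm which machines actually need attention, the two facts above (the fix landed in Zoom 5.1.3, and only Windows 7 and earlier are exploitable) translate into a simple inventory check. The PowerShell below is an added example written for this article; it is not code from Zoom or 0patch. It assumes that the Zoom client registers itself in the standard Uninstall registry keys with a DisplayName beginning with "Zoom", and that the per-user build lives at %APPDATA%\Zoom\bin\Zoom.exe; both are assumptions and should be adjusted to match the deployment.

```powershell
# Added example (not from the article, Zoom or 0patch): flag hosts that are
# "vulnerable" (Zoom client older than 5.1.3 on any Windows) and "exposed"
# (same, but running Windows 7 / Server 2008 R2 or earlier, i.e. NT < 6.2).
# Assumptions: Zoom appears under the Uninstall keys with DisplayName "Zoom*",
# and/or the per-user binary is at %APPDATA%\Zoom\bin\Zoom.exe.

$FixedVersion = [version]'5.1.3'   # version in which Zoom fixed the bug (from the article)

function ConvertTo-MajorMinorPatch {
    param([string]$Raw)
    # Normalise strings such as "5.1.3.28656" or "5.1.2 (build)" to a 3-part version
    if ($Raw -match '^(\d+)\.(\d+)\.(\d+)') {
        return [version]('{0}.{1}.{2}' -f $matches[1], $matches[2], $matches[3])
    }
    return $null
}

function Get-ZoomInstalledVersions {
    # Per-user and per-machine (32- and 64-bit) uninstall entries
    $keys = @(
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    $found = @(foreach ($k in $keys) {
        Get-ItemProperty -Path $k -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName -like 'Zoom*' -and $_.DisplayVersion } |
            ForEach-Object {
                [pscustomobject]@{ Source = $_.PSPath; Version = [string]$_.DisplayVersion }
            }
    })
    # Fallback: file version of the per-user binary (path is an assumption)
    $exe = Join-Path $env:APPDATA 'Zoom\bin\Zoom.exe'
    if (Test-Path $exe) {
        $found += [pscustomobject]@{
            Source  = $exe
            Version = [string](Get-Item $exe).VersionInfo.ProductVersion
        }
    }
    return $found
}

function Test-ZoomWin7Exposure {
    $os = Get-CimInstance Win32_OperatingSystem
    # Windows 7 / Server 2008 R2 report NT 6.1; Vista / 2008 report 6.0.
    # Windows 8 is 6.2, so anything below 6.2 is in the "exploitable" set.
    $legacyOs = [version]$os.Version -lt [version]'6.2'

    foreach ($z in Get-ZoomInstalledVersions) {
        $ver = ConvertTo-MajorMinorPatch $z.Version
        $outdated = ($null -ne $ver) -and ($ver -lt $FixedVersion)
        [pscustomobject]@{
            Host        = $env:COMPUTERNAME
            OSVersion   = $os.Version
            ZoomSource  = $z.Source
            ZoomVersion = $z.Version
            Vulnerable  = $outdated                 # flaw present in the binary
            Exposed     = $outdated -and $legacyOs  # flaw actually exploitable here
        }
    }
}

Test-ZoomWin7Exposure | Format-Table -AutoSize
```

Run it locally or push it out through whatever remote-execution tooling is already in place; the Vulnerable and Exposed columns keep the article's distinction between a client that carries the bug and a client on which the bug can actually be triggered, which is what decides whether a machine can wait for the next maintenance window or needs the 5.1.3 update now.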