Explorer

Beware! Govt Warns Zoom App Users Against Multiple Security Threats

CERT-In or Computer Emergency Response Team, the country's top cyber security agency has found several security flaws in the popular video conferencing app Zoom.

CERT-In or Computer Emergency Response Team, the country's top cyber security agency has found several security flaws in the popular video conferencing app Zoom. The country's nodal agency under the Ministry of Electronics and Information Technology has warned Zoom users of security vulnerabilities that can let a remote unauthenticated user join a Zoom video meeting without even appearing to other participants in the list of all participants in the video call.

This is what Zoom is calling improper access control vulnerability, according to reports. Zoom reported the security flaw a few days back on September 13 and CERT-In issued the advisory on September 19. 

Also read: Beware! SOVA Trojan Virus Infecting Banking Apps, Can Encrypt Android Phones For Ransom

“These vulnerabilities exist due to improper access control implementation. A remote attacker could exploit these vulnerabilities to join a meeting they are authorised to join without appearing to the other participants or obtain the audio and video feed of a meeting they were not authorised to join and cause other meeting disruptions,” read an advisory by CERT-In.

Also read: Major VPN Companies Withdrawing Servers From India Before New Privacy Rules By CERT-In Come Into Effect

CERT-In has advised also cautioned Zoom users to update to the latest version of the Zoom app to avoid any likely security issues. The security vulnerabilities have been dubbed CVE-2022-28758, CVE-2022-28759, and CVE-2022-28760, and they affect Zoom's On-Premise Meeting Connector MMR before version 4.8.20220815.130.

This comes amid reports that Zoom is planning to debut its own email and calendar services, possibly as soon as its Zoomtopia conference for customers in November, a recent report said citing a person with direct knowledge of the company's plans.

Meanwhile, a new banking virus has been recently identified by CERT-In which has the capability to compromise sensitive consumer data and harm large-scale financial frauds is on the prowl. The banking Trojan virus is named SOVA and it can also stealthily encrypt an Android smartphone user's device for ransom.

Top Headlines

OPINION | India's Smartphone Affordability Shift: Why Value Matters More Than Price
OPINION | India's Smartphone Affordability Shift: Why Value Matters More Than Price
Too Much AI Slop On LinkedIn? Users Are Turning To Messy, Human Posts For Better Reach
Too Much AI Slop On LinkedIn? Users Are Turning To Messy, Human Posts
Musk Vs Altman Reloaded: Apple Lawsuit Triggers Fresh AI Billionaire Brawl On X
Musk Vs Altman Reloaded: Apple Lawsuit Triggers Fresh AI Billionaire Brawl
Netflix Considers Radical Live TV Move Amid Growing Engagement Concerns: Report
Netflix Considers Radical Live TV Move Amid Growing Engagement Concerns

Videos

Breaking News: Protests Against Pakistan Government Continue in PoK for 35th Day
Safety Alert: Birthday Banner Falls From Flyover Onto Bike on Thane Highway
Breaking News: Baba Ramdev's Hindu Rashtra Remarks Trigger Political Controversy
Breaking News: Nitesh Rane's Remarks on Aamir Khan's Marriage Spark Political Row
Breaking: Four Teenagers Drown in Yamuna River in Delhi's Alipur

Photo Gallery

25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Embed widget