Zoom patches critical security flaws across its Windows apps — update now to stay safe

The flaw is tracked as CVE-2024-24691 and carries a severity rating of 9.6 - critical.

Patching the flaws

Although the company did not detail the flaw, the publication speculates that it requires some level of victim interaction in order to be abused, citing the CVSS vector. This interaction, given usual hacking practices, could involve clicking a link, opening a malware-laden email attachment, or something similar.

Zoom has an automatic updater, so the next time you bring up the app, it should update on its own. For those that have disabled automatic updates, here’s a link where you can find the version 5.17.7 for Windows.

In the same advisory, Zoom also announced addressing six additional vulnerabilities, including one that allows privilege escalation through local access, three that allow information disclosure remotely, and one that allows for the denial of service, over the network. 

The company advises users to apply the patch as soon as possible to protect their endpoints.

Zoom is a popular cloud-based video conferencing service which companies often use to run remote meetings and calls, education, demonstrations, and similar. It rose to prominence during the Covid-19 pandemic, quickly becoming the most-used application in the world. At one point, it had 300 million daily meeting users. 

This also attracted plenty of hackers who saw this as an opportunity to steal sensitive company data, putting the spotlight on patches and quick fixes.

Via BleepingComputer

More from TechRadar Pro

• Zoom has patched a number of security issues
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now