The Information Systems Security Branch is sounding the alarm: Several critical vulnerabilities have been discovered in the ZOOM videoconferencing solution.
Among these vulnerabilities, cites the Directorate of National Defense, a Zero-Day that allows an attacker to steal Windows identification and authentication information using a malicious link sent to a user running ZOOM on his machine.
How does this Zero-Day work? These experts explain in a note that once the user clicks on this malicious link, Windows sends the user’s login name and the hash of the NTLM password, which can be easily decrypted.
In addition, adds the same source, the exploitation of this flaw can allow an attacker to execute commands remotely.
It is therefore recommended that users handling sensitive information stop using this solution and change their Windows authentication passwords.