Zoom new 0day vulnerabilities (Pwn2Own 2021)

A pair of security researchers have uncovered many 0day vulnerabilities in τις τελευταίες ημέρες που θα επέτρεπαν στους hacker να αναλάβουν τον υπολογιστή κάποιου, ακόμη και αν το θύμα δεν κάνει κανένα .

Zoom told Gizmodo that a server side update was released on Friday to address vulnerabilities and that users do not need to do anything.

The vulnerabilities were identified by Dutch researchers Daan Keuper and Thijs Alkemade from Computest Security, a security company, as part of the competition Pwn2Own 2021 organized by the initiative Day Initiative. Αν και δεν είναι γνωστές πολλές λεπτομέρειες για αυτές τις ευπάθειες λόγω της πολιτικής του διαγωνισμού, στην ουσία, οι ερευνητές χρησιμοποίησαν μια αλυσίδα τριών σφαλμάτων στην εφαρμογή Zoom για επιτραπέζιους υπολογιστές για να πραγματοποιήσουν μια απομακρυσμένη εκτέλεση κώδικα στο σύστημα προορισμού.

Ο he must not click to make the attack successful. You can see the error below.

In one statement regarding Keuper and Alkemade's victory, Computest Security reported that the researchers were able to almost completely take over the targeted systems, performing actions such as activating ς, ενεργοποίηση του μικροφώνου, ανάγνωση email, έλεγχος της οθόνης και λήψη ιστορικού του προγράμματος .

In case you forgot, the Zoom was not synonymous with security last year. There were Zoom Bombings that took advantage of Zoom's then loose control measures to drop porn clips and Nazi slogans in online sessions.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).