Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: G+ Digg Delicious Reddit Facebook Twitter StumbleUpon

[-]
Tags
zoom video conferencing patches bug serious

Zoom Patches Serious Video Conferencing Bug
#1
Quote:Zoom patched a bug this week that enabled people to hijack customer video conferences. Attackers with network access could have taken control of participating computers, researchers discovered.

Zoom sells video conferencing software for the business market and says that over 750,000 companies use its platform. This bug allowed attackers to spoof chat messages and kick attendees out of meetings. David Wells, a researcher at Tenable Security, reported the bug and provided an analysis including a proof of concept demonstration video explaining how attackers could compromise the Zoom system. The vulnerability, which affected the Windows, Mac and Linux versions of Zoom’s software, lay in the way the company queued and processed messages in its software, Wells said. This vulnerability affects the following Zoom versions:
  • macOS 10.13, Zoom 4.1.33259.0925
  • Windows 10, Zoom 4.1.33259.0925
  • Ubuntu 14.04, Zoom 2.4.129780.0915
The internal mechanism that Zoom uses to send its network messages handles two kinds of network packet: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). While TCP would typically be used to control sessions, UDP is a simpler protocol often used to send session content. UDP doesn’t have the kind of handshaking and packet loss prevention overhead that you find in TCP packets, making it leaner and meaner. It’s perfect for the latency-sensitive network communications that you’d find in audio and video conferencing. The messaging mechanism dispatches both kinds of packet to the same message handler program. Wells worked out a way to create a malformed UDP packet that the message handler interprets as a TCP message. The exploit works because the message handler isn’t validating the incoming messages to spot the malformed packet, according to Tenable’s synopsis.


https://nakedsecurity.sophos.com/2018/12...ncing-bug/
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)