Image

Remote conferencing services provider Zoom patched a vulnerability that could have allowed an attacker to find and join active meetings. Check Point explained that the issue stemmed from the way in which Zoom secured certain meetings:
If you use Zoom, you may already know that Zoom Meeting IDs are composed of 9, 10 or 11 digits. The problem was that if you hadn’t enabled the “Require meeting password” option or enabled Waiting Room, which allows manual participants admission, these 9-10-11 digits were the only thing that secured your meeting i.e. prevented an unauthorized person from connecting to it.
Image

The privacy and security of Zoom’s users is our top priority. The issue was addressed in August of 2019, and we have continued to add additional features and functionalities to further strengthen our platform. We thank the Check Point team for sharing their research and collaborating with us.News of this vulnerability and its subsequent fix come less than a year after Zoom plugged a security issue that could have allowed an attacker to hijack a Mac user's webcam without their permission by tricking them into visiting a malicious website.