Zoom Client Unauthorized Message Processing Vulnerability (ZSB-18001)

Zoom Client is prone to an unauthorization message processing vulnerability.

A vulnerability in the Zoom client could allow a remote, unauthenticated attacker to control meeting functionality such as ejecting meeting participants, sending chat messages, and controlling participant microphone muting. If the attacker was also a valid participant in the meeting and another participant was sharing their desktop screen, the attacker could also take control of that participant's keyboard and mouse. The vulnerability is due to the fact that Zoom's internal messaging pump dispatched both client User Datagram Protocol (UDP) and server Transmission Control Protocol (TCP) messages to the same message handler. An attacker can exploit this vulnerability to craft and send UDP packets which get interpreted as messages processed from the trusted TCP channel used by authorized Zoom servers.

The Zoom client: - before version 4.1.34460.1105 on Windows - before version 4.1.34475.1105 on Mac OS X - before version 2.5.146186.1130 on Linux

Checks if a vulnerable version is present on the target host.

Update the: - Microsoft Windows client to version 4.1.34460.1105 or later - Mac client to version 4.1.34475.1105 or later - Linux client to version 2.5.146186.1130 or later