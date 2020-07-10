Security researchers have found a zero-day vulnerability in the Windows Client for Zoom which could allow hackers to take over your PC if you click on a Zoom link.

Fortunately for most Windows users, the hack is only exploitable on Windows 7 and earlier, but a 1/3 of Windows users are unfortunately still on this platform.

The vulnerability was reported to Zoom by security company opatch and has not been publicly released. It works on a fully patched version of Windows 7, which is of course currently unsupported by Microsoft, even for security updates.

Fortunately, Zoom has been quick to react to the issue, saying:

“Zoom takes all reports of potential security vulnerabilities seriously. This morning we received a report of an issue impacting users running Windows 7 and older. We have confirmed this issue and are currently working on a patch to quickly resolve it.”

The company has now released a fix, version 5.1.3 of the app, saying:

“Users can help keep themselves secure by applying current updates or downloading the latest software from https://zoom.us/download.”

The issue is an object lesson for why it is important to keep your operating system current, with Timothy Chiu, vice-president of marketing at K2 Cyber Security, saying:

“It’s not enough to have just the application up to date. In this case, Zoom may be able to fix their code, but it’s not likely any help will come from Microsoft.”

