PDQ.com mobilePDQ.com desktop
Support

Zoom Vulnerability Fix

Jordan HammondJordan Hammond
·

Do you like credentials? I know I do, but I tend to like them when they are mine and mine alone. Recently a zero day has been found with zoom where I may not be able to keep my credentials to myself and that makes me sad.

What is at Risk

In the chat, Zoom will convert a UNC path to a clickable link. If some ne’er-do-well sent over a UNC path to an external site and it is clicked on, your machine will attempt to connect to the remote site, sending your credentials in the attempt. It is the password hash, but there are many free tools that can crack those in no time. Adding to the issues is that the same exploit can be used to launch an application on your machine.

The Good News?

As you would expect there were instantly some workarounds to mitigate this issue. Some great and some that went a bit too far. However, Zoom has patched this issue, so you can avoid those steps and just install the latest version of the product. You could spend a lot of time tracking down machines that need the update and forcing that through, but I might recommend Using PDQ Inventory to let you know which machines have the software, and PDQ deploy to quickly update it so this security hole is closed.

Conclusion

Zero day exploits are never fun. The ideal scenario is we never have them pop up in our environment. Chances are very good that it will happen at some point. Luckily the steps we follow usually follow the same track. With the right set up you can get your environment as safe as possible rather quickly. I am off to click some links I just had pop up on my screen.

Don't miss the next post!

Using PowerShell to Install Printers

When installing printers, we will need to do the four things; Add Driver to the Store, Install the Driver, Create Printer Port, and Install the Printer