Updated March 20, 2024, 16:39 PM IST
- CERT-In warns of high severity vulnerabilities in Zoom Rooms Client.
- Vulnerabilities could lead to denial-of-service (DoS) attacks.
- Users advised to update software, use secure connections, and enable Two-Factor Authentication (2FA).
The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity warning concerning the Zoom Rooms Client, a widely used platform for video and audio conferencing. According to CERT-In, several vulnerabilities have been discovered in the Zoom Rooms Client that could allow an authenticated attacker to disrupt the system’s functioning and cause a denial-of-service (DoS) condition.
CERT-In has classified the severity of these vulnerabilities as “high.” The vulnerabilities primarily affect Zoom Rooms Client for Windows versions preceding 5.17.5, so users running earlier versions should update to the latest version.
CERT-In’s official website outlines that the vulnerabilities stem from a combination of a “race condition” and “improper access control,” making the system susceptible to exploitation by malicious actors.
To mitigate the risks associated with these vulnerabilities, users are advised to take several precautionary measures. Firstly, it is imperative to ensure that the Zoom Rooms Client is updated to the latest version, which includes patches and fixes for known vulnerabilities. Additionally, users should prioritize connecting via secure networks and avoid public or unsecured Wi-Fi connections, which can increase the likelihood of unauthorized access.
Enabling Two-Factor Authentication (2FA) is another crucial step in bolstering security measures, as it adds an extra layer of protection against unauthorized access attempts. Regularly checking for security advisories and alerts from official sources like CERT-In is also recommended to stay informed about potential threats and vulnerabilities.
Furthermore, adhering to cybersecurity best practices such as using strong and unique passwords, exercising caution while clicking on links or attachments, and promptly reporting any suspicious activity or vulnerabilities can further enhance security measures and safeguard systems and data.
By proactively implementing these recommendations and staying vigilant against cybersecurity threats, users can mitigate the risk of falling victim to malicious attacks and ensure the security and integrity of their communication platforms.