Site icon TechNewsBoy.com

Government issues advisory for Zoom users: Details

The Indian Computer Emergency Response Team (CERT-In) has identified multiple vulneabilities in video conferencing platform Zoom. Issuing an advisory, the agency said that vulnerabilities in Zoom can allow a remote unauthenticated user to join a Zoom video meet without appearing to other participants in the joinee list.

Categorized under ‘Medium’ threat level, the vulnerabilities, CERT-In says can allow a hacker to bypass implemented security restrictions on the targeted systems. They can secretly join a Zoom meeting and obtain the audio and video feeds of the meeting.

CERT-IN is a nodal agency under the Ministry of Electronics and Information Technology. This government body is responsible for reporting bugs and cybersecurity threats like hacking and phishing attacks.

The vulnerabilties have also been reporetd by Zoom. These are dubbed CVE-2022-28758, CVE-2022-28759, and CVE-2022-28760, and they affect Zoom’s On-Premise Meeting Connector MMR before version 4.8.20220815.130. This improper access control vulnerability, Zoom says, can allow a malicious actor to join a meeting which they are unauthorized to join without appearing to the other participants.

Zoom raised the vulnerability on September 13, while the cyber agency has issued the advisory on September 19. In its advisory, CERT-In has advised users to update to the latest version of Zoom on their devices. In order to update Zoom on your laptop, sign in to Zoom desktop client. Here, click on your profile picture and check for updates. If a new version is available, download and install it. Smartphone users can go to the Google Play or Apple App Store and check the latest versions of the Zoom app.

Recently, CERT-In issued a high risk warning for some Microsoft users. This included Microsoft Windows, Microsoft Office, Microsoft SharePoint, Microsoft Dynamics CRM, Visual Studio and .NET Framework. The agnecy advised the users of these Microsoft products to apply the latest security patch based on Microsoft’s September 2022 security update.

Catch all the Technology News and Updates on Live Mint.
Download The Mint News App to get Daily Market Updates & Live Business News.

More
Less

Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our newsletter.

Post your comment
First article

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version