CVE-2022-22782 The Zoom Client for Meetings, Zoom Rooms for Conference Room, Zoom Plugins for Microsoft Outlook, and Zoom VDI Windows Meeting Clients all had an older version that was vulnerable to remote code execution.

CVE-2022-22782 The Zoom Client for Meetings, Zoom Rooms for Conference Room, Zoom Plugins for Microsoft Outlook, and Zoom VDI Windows Meeting Clients all had an older version that was vulnerable to remote code execution.

This issue was addressed in version 5.9.7, which now includes a checking mechanism that prevents the installer from repairing if the machine on which it is run has been tampered with. In addition, the aforementioned versions of Zoom Products released prior to version 5.9.7 were also impacted by a potential remote attack vector. Hackers could have used this to install a malicious application onto the system of unsuspecting end users.

Zoom Product Installation Vulnerability

Zoom Remote Desktop Services (RDS) is an app used for remote control of a PC. The software allows users to connect and use their own PC at home or work. The product is typically installed on a machine that already has another RDS app installed, such as the Zoom Telepresence app.
VPN-2022-22782
This vulnerability was addressed in version 5.9.7, which now includes a checking mechanism that prevents the installer from repairing if the machine on which it is run has been tampered with. In addition, the aforementioned versions of Zoom Products released prior to version 5.9.7 were also impacted by a potential remote attack vector. Hackers could have used this to install a malicious application onto the system of unsuspecting end users.

What to do if you are affected?

If you have a version of Zoom Products prior to 5.9.7 and your machine is running, it is recommended that you update the software immediately. This can be done by following the instructions below:
- Click on Settings
- Select Check for Updates
- If an update is available, click on Download now

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe