Zoom is a popular tool used for video conferencing, and became a hit during the past two years. That has brought more unwanted attention from hackers, who are now able to take advantage of a new vulnerability in the platform.

Zoom has a security flaw that allows attackers to install malware on the device, without the user getting alerted about it. The security flaw has been reported in the Zoom Client for Meetings platform which is available for Android, iOS, macOS, Windows and Linux as well. Zoom says the vulnerability was found in the version 5.10.0, which fails to properly validate the hostname during a server switch request.

“This issue could be used in a more sophisticated attack to trick an unsuspecting user’s client to connect to a malicious server when attempting to use Zoom services," Zoom noted in a blog post.

Zoom got to know about the issue via Ivan Fratic, a bug hunter with Google’s Project Zero group. Frantic informed Zoom about the security flaw in February this year, after which the bug was fixed via an update.

So, if you are using the Zoom Client with version before 5.10.0, the company is asking you to update the software right away. It is also warning people from clicking on any links from unknown sources that may be carrying the malware.

Zoom is used by millions for both personal and business use. The last thing you want is a software to be infected with malware that has the potential to harm the user in many ways.

Issues like this keep popping up regularly, and it is imperative that companies have a robust security mechanism in place to thwart any danger. Updates are a big part of that process, helping the software to fix the bug and give you better security against other zero-day matters that can be troublesome in the future.

