Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish

Users of Zoom Told to Update App Over Security Flaw | #firefox | #chrome | #microsoftedge | #hacking | #aihp

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has advised Zoom users to install the latest update of the software from the company’s official website following ”the discovery of vulnerabilities that allow a remote attacker to exploit the app”.

NCC-CSIRT, the Nigerian telecom sector’s cyber security centre, said this in a statement released on Thursday.

The statement, signed by Reuben Muoka, NCC-CSIRT’s director of public affairs, revealed that the Indian Computer Emergency Response Team (CERT-In) discovered bugs in the Zoom software.

The NCC-CSIRT advisory stated that the glitches found could allow hackers to bypass safety systems.

READ ALSO: Ransomware Is Dangerous. Here’s How to Protect Your Data and Networks From It

According to the NCC-CSIRT, a remote attacker could exploit the vulnerabilities to circumvent implemented security measures and cause a denial of service on the targeted machine.

”These vulnerabilities exist owing to incorrect access control implementation in Zoom On-Premises Meeting Connector MMR prior to version 4.8.20220815.130,” NCC-CSIRT’s advisory said.

“Remote attackers could manoeuvre the flaws to join meetings unauthorised, be invisible to other attendees, illegitimately access audio and video feeds from meetings, and interrupt meeting sessions.”

The NCC-CIRST advisory pointed out that the weak spot could allow unaccredited users to evade the platform’s security measures on specific structures.

READ ALSO: 5 Google Chrome Extensions Are Silently Stealing Data From Nigerians

Zoom’s video telephony platform became popular with over 300 million daily users for virtual meetings during the COVID-19 pandemic.

Original Source by [author_name]

Click Here For The Original Source.


National Cyber Security