Zoom’s vulnerability “CVE-2018-15715” was discovered in October 2018.
As a result of this vulnerability, a remote attacker or attacker may use as follows:
1. Control the participant’s keyboard and mouse
If the participant is sharing the screen, bypass the screen control permission while the unauthorized attendee is sharing the screen,
You can control the participant’s keyboard and mouse, and control the victim’s desktop.
2. Send a chat message
I spoof a person who is present at a meeting and send a chat message.
3. Leave attendees from the meeting room.
An attendee other than the host leaves the other attendees.
You can control other microphone mutes.
Until now, there has been no report of the actual damage caused by exploiting this vulnerability.
Immediately after this vulnerability has been discovered, Zoom, Inc. Windows, Mac, iOS, the Android
is now embarked on the development of the modification programs available so we modified version of the following is released
we recommend the implementation of the update You
- What is the current version?
- Version upgrade procedure
Zoom takes the security of our customers and the Zoom platform very seriously and has taken
additional steps to keep it from being affected by similar vulnerabilities.
Windows: 4.1.34460.1105 or later
Mac: 4.1.34475.1105 or later
Linux: 2.5. 146186.1130 or later
IOS: 4.1.18 (4460.1105) or later
Android: 4.1.34489.105 or later
Chrome: 3.3.1635.1130 or later
Windows: 4.1.6 (35121.1201) or later
Mac: 4.1.7 (35123.1201) or later
Chrome: 3.6.2895.1130 or later
Windows: 4.1.30384.1029 or later
Mac: 4.1.3418.1026 or later
IOS: 4.1.40376.1024 or later
Android: 4.1.34082.1024 or later
/>Meeting room connector: Completed product 12/6/2018 or later
Skype for the Business connector: Completed product 12/2/2018 or later
Virtual room connector: 4.1.4813.1201 or later
Conference connector: 4.3.135059.1129 or later
Recording connector: 3.6.58865.1130 or later