Security: Heartbleed bug Update in Zoom App

Heartbleed Bug update in zoom app is a serious vulnerability of the famous OpenSSL cryptographic software library. This weakness makes it possible to steal information protected under normal conditions by means of SSL / TLS encryption used to protect the Internet. SSL / TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM), and some virtual private networks (VPNs).

Which version of OpenSSL will be affected?

Status of each version:

・ OpenSSL 1.0.1 to 1.0.1f (including both ends) vulnerability
・ OpenSSL 1.0.1g is not vulnerable
・ OpenSSL 1.0.0 branch is not vulnerable
・ OpenSSL 0.9.8 branch is vulnerable Not

A bug was introduced in OpenSSL in December 2011, and since OpenSSL Release 1.0.1 was released on March 14, 2012, it has been released to the public. OpenSSL 1.0.1g released on April 7, 2014 fixes a bug.

Read it also –

Security Bash Bug Update For Zoom App

How does this affect the Zoom client/app?

  • The Zoom client uses OpenSSL 1.0.0 and is not vulnerable.

How does this affect the Zoom cloud?

  • The Zoom application server running on the Zoom cloud uses OpenSSL 1.0.0 and is not vulnerable.
  • Regenerate the secret key *. The new certificate has been deployed to AWS ELB.
  • Re-enter the API key and passed all 3rd party service integration.

How does this affect the password?

There have been no cases where user data or credentials have been compromised.

  • When logging in via work email, Zoom only stores passwords encrypted using a one-way hash, so no password change is required.
  • If you logged in via Google, please refer to the latest information on Google services Updated.
  • If you logged in with Facebook, see Heartbleed Hit List Updates.
See also  Comparison of call routing methods in Zoom App

Frequently Asked Questions


There is a security warning regarding an untrusted certificate on this server

It is not a private connection that you are using. Your financial information or personal information can be stolen by attackers through Zoom, which could be the reason for this attack. In this case, Zoom was unable to prove that this server was Zoom. Gateway Authentication is the company that issues its certificate.

A remote hacker could exploit one of these vulnerabilities to download audio and video data from Zoom meetings he is not authorized to participate in by exploiting one of these vulnerabilities. If any of these vulnerabilities can be exploited by the hacker, he would have access to audio and video data from Zoom meetings that he is not authorized to participate in.
Meetings that are protected
  1. It is important to encrypt a meeting in order to ensure its security.
  2. Attendees may be able to wait in waiting rooms created for them.
  3. In order for the meeting to begin, the host must be present.
  4. It is possible to expel all the participants or one participant at a time.
  5. Activities of participants should be suspended.
  6. The meeting can be locked at any time.
  7. It is possible to add a watermark to a screen share.
  8. A signature that can be heard.
If you are interested in hosting or co-hosting a Zoom meeting, please follow the steps below in order to get started. In the top right corner of the video window, you will find an icon that represents encryption in green. You will then be able to see the Overview of Security Settings. Upon opening the meeting, you will be presented with a window in which you will be able to see all the settings regarding meeting security as well as whether or not they are also enabled for the meeting session.
There is a greater level of security with Google Meet than with Zoom. The company ensures that messages are encrypted, but it does not ensure that the encryption is end-to-end. It is possible to encrypt messages “in transit”. It consists of only two steps to encrypt them, so they can only be decrypted between the Google servers and your device.

Related Articles

Requiring Meetings To Have One Security Option In Zoom App
In Zoom Meeting Security Options
May 2020 Passcode And Security Settings In Zoom App
Security Bash Bug Update For Zoom App
Security Logjam Updates For Zoom App
Zoom Security Of Communication Route On Cloud
Security Saml Vulnerability Zoom Video
Security Ghost Vulnerability Zoom App
How To Change Account Security Settings In Zoom App
Security Cve 2018 15715 Zoom App
How To Assign Users To Receive Security Emails From Zoom
How To Start With Zoom Security And Privacy
About Cooperation With Security Group On Ad In Zoom App
Security White Paper In Zoom App
See also  How do I log out (sign out) or sign in (login) of the client from Zoom?