Security: Heartbleed bug Update in Zoom App

Heartbleed Bug update in zoom app is a serious vulnerability of the famous OpenSSL cryptographic software library. This weakness makes it possible to steal information protected under normal conditions by means of SSL / TLS encryption used to protect the Internet. SSL / TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM), and some virtual private networks (VPNs).

 

Which version of OpenSSL will be affected?

Status of each version:

・ OpenSSL 1.0.1 to 1.0.1f (including both ends) vulnerability
・ OpenSSL 1.0.1g is not vulnerable
・ OpenSSL 1.0.0 branch is not vulnerable
・ OpenSSL 0.9.8 branch is vulnerable Not

A bug was introduced in OpenSSL in December 2011, and since OpenSSL Release 1.0.1 was released on March 14, 2012, it has been released to the public. OpenSSL 1.0.1g released on April 7, 2014 fixes a bug.

 

How does this affect the Zoom client/app?

  • The Zoom client uses OpenSSL 1.0.0 and is not vulnerable.

 

How does this affect the Zoom cloud?

  • The Zoom application server running on the Zoom cloud uses OpenSSL 1.0.0 and is not vulnerable.
  • Regenerate the secret key *. The new zoom.us certificate has been deployed to AWS ELB.
  • Re-enter the API key and passed all 3rd party service integration.

 

How does this affect the password?

There have been no cases where user data or credentials have been compromised.

  • When logging in via work email, Zoom only stores passwords encrypted using a one-way hash, so no password change is required.
  • If you logged in via Google, please refer to the latest information on Google services Updated.
  • If you logged in with Facebook, see Heartbleed Hit List Updates.
See also  We assumed access using only SSO, but without login we will be able to login using only username and password in Zoom App

 

 

People Also Search For

zoom security warning untrusted server certificate your connection is not private
security warning untrusted server certificate zoom
zoom security warning untrusted server certificate message
this server could not prove that it is zoom
zoom untrusted server certificate your connection is not private
zoom security warning untrusted server certificate fix
zoom untrusted server certificate warning
zoom security certificate warning
untrusted server certificate
digicert ecc secure server ca
dsldevice.domain_not_set.invalid outlook
untrusted server certificate zoom room
zoom support
this server could not prove that it is zoom
zoom bugs
zoom issues today
zoom security issues
zoom download
zoom data breach 2020
zoom cyber attack news
zoom data breach china
citibank security breach
zoom cloud meeting data leak
zoom compromise

 

zoom security warning untrusted server certificate your connection is not private

security warning: untrusted server certificate zoom

zoom security warning untrusted server certificate message

this server could not prove that it is zoom

zoom untrusted server certificate your connection is not private

zoom security warning: untrusted server certificate fix

zoom untrusted server certificate warning

zoom security certificate warning