The Logjam vulnerability allows a man-in-the-middle attacker to downgrade a vulnerable TLS connection to 512-bit export-grade encryption using the Diffie-Hellman key exchange. This allows attackers to read and modify data passed over TLS connections for applications such as web, email, instant messaging (IM), and virtual private networks (VPNs).
Which version of OpenSSL will be affected?
OpenSSL version status:
OpenSSL 1.0.2 and 1.0.2a are vulnerable.
OpenSSL 1.0.1 to 1.0.1m is vulnerable.
OpenSSL 1.0.2b, released June 11, 2015, fixes this vulnerability by rejecting handshakes shorter than 768 bits.
How does this affect the Zoom client/app?
Zoom clients using OpenSSL 1.0.0 are not affected by this vulnerability.
How does this affect the Zoom cloud (zoom.us )?
The Zoom application server running on the Zoom cloud uses OpenSSL 1.0.0 and is not vulnerable.
How does this affect my password?
No cases have been found where user data or credentials have been compromised.
For more information on this article, please refer to Security: Logjam Updates.
Related article
Security: Bash update
Confirmation items regarding the handling of personal information
Security: SAML vulnerability
[Administrator] Audio watermark
[Administrator] Audio watermark (audio watermark)
People Also Search For
zoom security update
zoom security advisory
zoom vulnerability
zoom security bug
zoom help security
zoom rooms vulnerability
zoom ghost
zoom ghosting
zoom rooms vulnerability
zoom help security
zoom ghost
zoom security whitepaper
zoom data breach 2020
zoom cyber attack news
zoom data breach china
citibank security breach
zoom cloud meeting data leak
zoom compromise
