Bleeping Computer has discovered another security flaw with the conferencing app Zoom.
The one that allows hackers to steal user passwords. The vulnerability comes at a time when its popularity has blossomed as employees use it to work from home due to the ongoing global pandemic.
Zoom is an application that allows many people to log into an online conference. Logged in, people in the meeting can see and hear one another and send documents back and forth like in a face-to-face meeting.
Security issues have been beset - hackers can steal Microsoft Windows passwords for access to programs and data on PCs and servers.
The glitch involves users clicking on a link that someone, who has connected to the conference call, shares with the participants. Clicking on it forwards the user's credentials to the person who sent the link. Easy-breezy.
Zoom engineers are reportedly working on a fix for the vulnerability. Meanwhile, the company officials have asked users to change their Windows settings. They suggest turning off automatic transmission of NTML credentials to a remote server.
Comments