To correct various high-impact security flaws
“This vulnerability could potentially be exploited to obtain information about arbitrary areas of the product’s memory,” according to Zoom’s advisory
The flaws, discovered and reported by Google Project Zero researcher, affect the company's flagship Zoom meeting client across all major platforms and could be exploited for code execution attacks.
Here is the complete list of affected Zoom products:
• Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4
• Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1
• Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4
• Zoom Client for Meetings for Chrome OS before version 5.0.1
• Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3
• Controllers for Zoom Rooms (for Android, iOS, and Windows) before version 5.8.3
• Zoom VDI before version 5.8.4
• Zoom Meeting SDK for Android before version 5.7.6.1922
• Zoom Meeting SDK for iOS before version 5.7.6.1082
• Zoom Meeting SDK for macOS before version 5.7.6.1340
• Zoom Meeting SDK for Windows before version 5.7.6.1081
• Zoom Video SDK (for Android, iOS, macOS, and Windows) before version 1.1.2
• Zoom On-Premise Meeting Connector Controller before version 4.8.12.20211115
• Zoom On-Premise Meeting Connector MMR before version 4.8.12.20211115
• Zoom On-Premise Recording Connector before version 5.1.0.65.20211116
• Zoom On-Premise Virtual Room Connector before version 4.4.7266.20211117
• Zoom On-Premise Virtual Room Connector Load Balancer before version 2.5.5692.20211117
• Zoom Hybrid Zproxy before version 1.0.1058.20211116
• Zoom Hybrid MMR before version 4.6.20211116.131_x86-64
We ask all users to update to the latest version! Follow this link
Source: following link
