


Zoom Vulnerability Lets Attackers Steal Windows Login Credentials: Researchers

The Windows client of viral video chat app, Zoom, reportedly has a critical vulnerability that could allow attackers to steal the login credentials of users. According to cybersecurity researchers Matthew Hickey (@HackerFantastic) and Mitch (@_g0dmode0), the software's chat feature is vulnerable to UNC path injection, enabling attackers to capture NTLM password hashes every time someone clicks on a link within messages.

As reported by Bleeping Computer, the vulnerability stems from the fact that Zoom automatically converts all URLs that are sent via text messages into hyperlinks. However, it currently fails to distinguish between actual URLs and Windows networking UNC paths, converting all of them into hyperlinks en masse. If a user clicks on a UNC path link, Windows will attempt to connect to the remote site, thereby sending the user's login name and NTLM password hash to the malicious server.

The researchers also released a proof-of-concept demo that illustrates not only how the password hashes can be sent to third-party servers, but also how they can be cracked using free tools like Hashcat, potentially jeopardizing millions of users. As if that wasn't bad enough, Hickey also claims that the vulnerability can be used to launch programs on a local computer by using a similar process.

The problem remained unresolved as of Tuesday, but Hickey says that Zoom can easily mitigate it by no longer converting UNC paths into clickable hyperlinks. "Zoom should not render UNC paths as hyperlinks is the fix, I have notified Zoom as I disclosed it on Twitter", he told Bleeping Computer. Zoom is yet to release a fix to mitigate the vulnerability, but there are a couple of manual workarounds using the Group Policy Editor and the Windows Registry. You can check them out on Bleeping Computer.
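
One way to apply the fix Hickey describes, as an added example (not Zoom's code or the researchers'): a chat linkifier that turns only http/https URLs into hyperlinks and leaves UNC-style paths as plain text. The function names, the scheme allowlist and the sample host names are assumptions made for illustration.

```python
import html
import re
from urllib.parse import urlsplit

# Assumption of this example: only these schemes are ever made clickable.
ALLOWED_SCHEMES = {"http", "https"}

# UNC-style prefix: two slashes or backslashes (in any mix) followed by a host.
UNC_RE = re.compile(r"^[\\/]{2}[^\\/\s]")


def classify(token):
    """Return 'link', 'unc' or 'text' for one whitespace-delimited token."""
    if UNC_RE.match(token):
        return "unc"
    try:
        parts = urlsplit(token)
    except ValueError:  # malformed URL, e.g. a broken IPv6 literal
        return "text"
    if parts.scheme == "file":
        # file: URLs can name a remote host the same way, so this
        # example treats them like UNC paths (conservative choice).
        return "unc"
    if parts.scheme in ALLOWED_SCHEMES and parts.netloc:
        return "link"
    return "text"


def render(message):
    """Return (html, blocked): anchors for allowed URLs only, UNC tokens listed."""
    out, blocked, pos = [], [], 0
    for m in re.finditer(r"\S+", message):
        out.append(html.escape(message[pos:m.start()]))
        token = m.group()
        kind = classify(token)
        safe = html.escape(token, quote=True)
        if kind == "link":
            out.append(f'<a href="{safe}">{safe}</a>')
        else:
            if kind == "unc":
                blocked.append(token)  # keep for logging or alerting
            out.append(safe)
        pos = m.end()
    out.append(html.escape(message[pos:]))
    return "".join(out), blocked


if __name__ == "__main__":
    # Constructed sample message; the host names are placeholders.
    sample = r"Notes: \\fileserver.example\share\notes.txt or https://example.com/join"
    print(render(sample))
```

The `blocked` list gives a client or a message gateway something to log when a UNC path arrives in chat, while the path itself still shows as readable, non-clickable text.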

Source: https://beebom.com/zoom-vulnerability-steal-windows-login/

Posted by: reedphim1968.blogspot.com
