Recent reports reveal that Zoom video conferencing software has vulnerabilities that allow an attacker to steal Windows authentication credentials. The isolation campaign caused by the COVID-19 pandemic has increased the popularity of Zoom, as many employees choose this option when working from home.
BleepingComputer reported that security vulnerability was discovered by @ _g0dmode and verified by security researcher Matthew Hickey. The problem is caused by the way the Zoom chat handles the transmitted links. When a user clicks on such a link, Windows will provide the login username and password.
In addition, Hickey said this vulnerability can be used to launch programs on a victim’s computer when a link is clicked.
To prevent these risks, specialists recommend changing the Windows settings: Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers and set to “Deny all”.