Since the coronavirus outbreak has much of the world working from home, videoconferencing has become a must-have service for organizations looking to stay in touch. One videoconferencing app that has particularly increased in popularity has been Zoom. Zoom has been keeping people connected through video, however a vulnerability found recently in the software has also turn the app into a security risk.

The vulnerability in the Zoom allows attackers to steal Windows login credentials from other users. Zoom converts Windows networking UNC paths into clickable paths. If a user clicks on these links, Windows leaks the user’s login credentials.  With the login credentials are delivered to threat actors, the passwords are hashed. However it is easy for attackers to discover these passwords using tools like Hashcat, a password recovery tool.

Security researcher Matthew Hickey notes that if a user clicks a corrupt link, this vulnerability can be used to launch programs on a victim’s computer. Windows will give a security warning before launching the program if a user clicks the link.

Zoom users can mitigate the risk of falling prey to this vulnerability by adjusting their Microsoft Security Settings. To fix this issue, users can go to Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers and set to "Deny all".

Story via Mashable