CONFERENCE CALLS. They’re the bane of many careers, leading to endless hours trying to fill in the gaps caused by sound dropouts and laughing because the person on the screen has turned blue and stroby.
Yet, despite all of the ineptitude of the entire format, there are still hundreds of thousands of calls boring people senseless every day, and Zoom has become the Slack of the format – hugely popular to an almost quasi-religious extent.
Bad news, then, that a security researcher, David Wells of Tenable (not the game show), has found a big gaping bug in the Zoom desktop app that lets gatecrashing hackers take control of the meeting.
The issue involves UDP packets (a common hack for IoT devices), which should be identifiable and rejected if they don’t come from the right place. Unfortunately, the bug meant that any commands the Windows, Linux and Mac apps intercepted were acted on verbatim.
That means the hacker could send tainted code that lets them do everything from joining the call to kicking other people off it.
Or in techie terms, the Tenable blog explains: “This bug is due to the fact that Zoom’s internal messaging pump (util.dll!ssb::events_t::loop) dispatches both client User Datagram Protocol (UDP) and server Transmission Control Protocol (TCP) messages (from util.dll!ssb::select_t::loop) to the same message handler in ssb_sdk.dll.
“This allows an attacker to craft and send UDP packets which get interpreted as messages processed from the trusted TCP channel used by authorized Zoom servers.”
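The design flaw in that quote, modelled next to one way of closing it, as an added example that is not Zoom's code or taken from the Tenable write-up. The `Channel` enum, the command names and the dispatch functions are hypothetical, and the article does not say how Zoom's actual fix works.

```python
from dataclasses import dataclass
from enum import Enum, auto


class Channel(Enum):
    SERVER_TCP = auto()   # connection to the authorized meeting server
    CLIENT_UDP = auto()   # datagrams; the source address is easy to spoof


@dataclass(frozen=True)
class Message:
    command: str          # hypothetical command names, constructed for this example
    target: str


# Commands that only the server should be able to issue (hypothetical set).
SERVER_ONLY = {"kick_attendee", "end_meeting"}


def handle(msg: Message) -> str:
    """Shared handler: it acts on whatever it is given."""
    return f"executed {msg.command} on {msg.target}"


def dispatch_flawed(msg: Message, channel: Channel) -> str:
    # Flaw: the arrival channel is dropped before handling, so a UDP
    # datagram is indistinguishable from a trusted server message.
    return handle(msg)


def dispatch_hardened(msg: Message, channel: Channel) -> str:
    # Fix: keep the provenance and refuse server-only commands that did
    # not arrive on the server channel.
    if msg.command in SERVER_ONLY and channel is not Channel.SERVER_TCP:
        return f"rejected {msg.command}: not from server channel"
    return handle(msg)


if __name__ == "__main__":
    # Constructed sample messages.
    kick = Message("kick_attendee", "alice")
    media = Message("media_frame", "bob")
    for ch in Channel:
        for m in (kick, media):
            print(ch.name, "flawed:  ", dispatch_flawed(m, ch))
            print(ch.name, "hardened:", dispatch_hardened(m, ch))
```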
The good news is that Zoom, which boasts three-quarters of a million companies using its services, has already patched its servers and updated its apps. But individual users will need to make sure that they have installed the latest versions to remove the bug – and that could make for some stressful days for some sysadmins in large companies which could potentially have hundreds of deployments. μ
Source: Inquirer