Press "Enter" to skip to content

A Glitch in Zoom Screen-Sharing Feature, Leaking Your Private Data

Zoom has become one of the most popular video conferencing solutions for working and learning from home as the onset of the COVID-19 pandemic. Given that the stage is so popular, it is not surprising that security flaws pop up from time to time. Subsequently, researchers from Germany have discovered a glitch in Zoom’s screen-sharing feature, which may leak all kinds of data if captured.

The glitch denoted as CVE-2021-28133, “occasionally allows attackers to read private information on a participant’s screen, even though the participant never tried to share with the private portion of their screen.” This can happen when a particular window has been screen-shared, and a desktop application is either opened or closed. Though the closed or open application might flicker for a short second, it might be a lot to collect information should the attacker be recording the assembly.

The researchers at pentesting firm SySS posted a video to YouTube demonstrating the privacy flaw, which you can see above. As it stands, the current Windows Zoom variant 5.5.4 and prior 5.4.3 are affected by the matter. Currently, Zoom hasn’t provided a safety record, nor has it pushed any sort of patch.
Finally, if you’re worried about leaking sensitive information, either turn off screen-sharing until a fix is released or do not open or close software that will contain sensitive information while screen-sharing. Hopefully, Zoom will release a fix for this rather quickly, and if you want to find out more about this issue, you can read SySS’s advisory.

Be First to Comment

Leave a Reply

Your email address will not be published.