Zoom Conferencing Security Update


We’ve been asked by a number of our clients about Zoom Conferencing and want to update you, as there is a lot of concern out there. If you use Zoom (or any competing video collaboration solution), we suggest you follow the four steps below, which will prevent the vast majority of the threats out there:

  1. Don’t use your Personal Meeting ID for the meeting. Instead, use a per-meeting ID, exclusive to a single meeting.
  2. Enable the “Waiting Room” feature so that you can see who is attempting to join the meeting before allowing them access.
  3. Disable other options, including the ability for others to Join Before Host (it should be disabled by default, but check to be sure).
  4. Once the meeting begins and everyone is in, lock the meeting to outsiders and assign at least two meeting co-hosts.
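
Steps 1 to 3 are scheduling-time settings, so they can be audited across all scheduled meetings before anyone joins; step 4 happens during the meeting and is not covered. The script below is an added example, not part of the original advisory and not Zoom's own code. The setting names (`use_pmi`, `waiting_room`, `join_before_host`) and the shape of the export are assumptions, and the sample data is constructed.

```python
import json

# Constructed sample data (not from the original advisory): scheduled meetings
# shaped like a settings export. Field names are assumptions; adjust to your export.
SAMPLE_EXPORT = json.loads("""
[
  {"topic": "Board call",  "settings": {"use_pmi": false, "waiting_room": true,  "join_before_host": false}},
  {"topic": "Weekly sync", "settings": {"use_pmi": true,  "waiting_room": false, "join_before_host": true}},
  {"topic": "Vendor demo", "settings": {"use_pmi": false, "waiting_room": true}}
]
""")

# (setting name, required value, finding text) for steps 1-3 of the checklist.
CHECKS = [
    ("use_pmi", False, "step 1: uses the Personal Meeting ID"),
    ("waiting_room", True, "step 2: Waiting Room is not enabled"),
    ("join_before_host", False, "step 3: Join Before Host is not disabled"),
]

def audit_meeting(meeting):
    """Return a list of findings for one meeting; an empty list means steps 1-3 pass."""
    settings = meeting.get("settings") or {}
    findings = []
    for key, required, text in CHECKS:
        if key not in settings:
            # Fail closed: a missing value is reported, not assumed to be the default.
            findings.append(f"{text} (setting '{key}' missing, verify manually)")
        elif settings[key] is not required:
            findings.append(text)
    return findings

def audit_export(meetings):
    """Map each meeting topic to its findings, keeping only meetings with findings."""
    report = {}
    for meeting in meetings:
        findings = audit_meeting(meeting)
        if findings:
            report[meeting.get("topic", "<untitled>")] = findings
    return report

if __name__ == "__main__":
    for topic, findings in audit_export(SAMPLE_EXPORT).items():
        print(topic)
        for finding in findings:
            print("  -", finding)
```

A missing setting is reported instead of being treated as the default, which matches the advice in step 3 to check even when the option should already be disabled.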

Relatedly, in reviewing the tech notes, we wanted to update you regarding a number of recent “Zero Day” security flaws that could allow sophisticated and/or persistent remote attackers to breach a user’s system via the Zoom local agent DESPITE following the suggestions listed above.

These vulnerabilities all required some type of focused attack – often enhanced by targeted social engineering against a specific user. With this said, all these issues have been addressed and Zoom is now secured against these known threats ASSUMING all your users have patched/upgraded their Zoom Conferencing software in the last three weeks. Of note, this recommendation to patch/upgrade is a CRITICAL recommendation for all software and not just Zoom, but Zoom is an excellent example of why constant patching/upgrading is essential to overall security.

On a related note, we believe these technical vulnerabilities were the result of one of the three factors listed below:

  1. They are indicative of a poor internal security testing and software review culture, which may mean more “Zero Day” security flaws to come.
  2. As the largest collaboration vendor, Zoom was targeted by attackers more often than the other vendors, who may be just as vulnerable as Zoom (compare the far larger number of Microsoft vulnerabilities versus Mac vulnerabilities, which is due to Microsoft’s tremendous market presence).
  3. A combination of both of the above (my vote).

Please contact us if you have any questions.