UCSF IT Technology

Zoom has released a security bulletin to address a vulnerability in the Zoom Client for Meetings for MacOS. An attacker could exploit this vulnerability to control the Zoom Apps running in the Zoom client.

Zoom has released security updates to address vulnerabilities in Zoom. These vulnerabilities allow an attacker to perform zero-click remote code execution (RCE).

Zoom released a security update to address a High actively exploited vulnerability in Zoom.  Local low-privileged users could exploit this vulnerability to escalate their privileges to root.

Zoom has released a security bulletin to address a vulnerability in Zoom Meeting Connector. An attacker could exploit this vulnerability to crash the application.  For a complete description of the vulnerabilities and affected systems go to CVE-2022-28750 Detail. IT Security

Threat Alert: What to Watch For Cybercriminals have launched a series of malicious email attacks impersonating an Amazon package order confirmation. The attack uses Amazon-branded emails delivered from a Zoom sending address, as threat actors are abusing Zoom’s infrastructure. The emails prompt recipients to click a link to download an invoice for order details.

Zoom has released security updates to address High and Medium vulnerabilities in Zoom. These vulnerabilities allow an attacker to perform zero-click remote code execution (RCE). For a complete description of the vulnerabilities and affected systems Zoom Security Bulletins. IT Security