September 30, 2020

Report: Hackers can steal Windows credentials via links in Zoom chat

An unpatched vulnerability within Zoom allows an attacker to drop a malicious link into a chat window and use it to steal a Windows password, according to reports.

A hacker could use an attack called a UNC path injection to expose credentials, according to an attack posted on Twitter and subsequently followed up with an additional video. According to The Hacker News, that’s because Windows exposes a user’s login name and password to a remote server when attempting to connect to it and download a file.

To read this article in full, please click here

Via:: Report: Hackers can steal Windows credentials via links in Zoom chat