On 4/2/20 5:43 PM, Mark Wieder via use-livecode wrote:
I'd be more concerned about this vuln if I were running Windows.
Luckily there's a simple group policy or registry fix.
<https://www.bleepingcomputer.com/news/security/zoom-lets-attackers-steal-windows-credentials-run-programs-via-unc-links/>
I'm *very* impressed with Zoom's engineering team, rolling out a new
version to quash this vulnerability asap. I got prompted to install the
new version this morning. Upgrading was painless. Not only is Zoom being
super-responsive about this (and given the publicity lately it stands to
reason that they would) but they're being upfront about the issues and
backtracking and patching in public in real time. You don't often see
companies with this size a customer base turn on a dime like this.
--
Mark Wieder
[email protected]
_______________________________________________
use-livecode mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
