Ars Technica

Attackers can use Zoom to steal users’ Windows credentials with no warning

Update: 4/2/2020 9:47 California time On late Wednesday, Zoom officials said that the UNC bug and a separate pair of bugs disclosed by researcher Patrick Wardle had been fixed. The video conferencing ...
Bleeping Computer

Zoom Lets Attackers Steal Windows Credentials, Run Programs via UNC Links

The Zoom Windows client is vulnerable to UNC path injection in the client's chat feature that could allow attackers to steal the Windows credentials of users who click on the link. When using the Zoom ...