From reading the news and Twitter I just assumed someone found a Zoom RCE. Turns out, no. Bug 1: clickable links are in fact clickable Bug 2 & 3: if an attacker already has access to your machine, they can do bad things.
-
-
I tried after asking and got this popup which, I guess if we put it in http context this would be much like clicking a .exe link and Internet Explorer saying "wanna run this instead of download it?" Seems mostly like any other phishing type attack and not a zoom problem imo.pic.twitter.com/rc8CZn6FzA
-
That's just MoTW, I've verified it works. No prompts required. I think someone could realistically click on that.pic.twitter.com/VwYGB5il48
- 15 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
