From reading the news and Twitter I just assumed someone found a Zoom RCE. Turns out, no. Bug 1: clickable links are in fact clickable Bug 2 & 3: if an attacker already has access to your machine, they can do bad things.
-
-
Yup okay that replicates it. That's sneaky and awesome.
- 8 more replies
New conversation -
-
-
So they already have an exploit.bat in their Downloads? How does that get there in an attack scenario? Does it accept process plus arguments?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

You can try to copy this if twitter doesn't mangle it: