Two ‘zero day’ security flaws in video conferencing platform Zoom are allegedly being sold by hackers, which would allow unwelcome users to hack and eavesdrop on calls according to Vice’s Motherboard.
A zero-day vulnerability is a newly discovered software vulnerability without an official patch or update to the fix the issue.
The two zero-day flaws are said to be present in Zoom’s Windows and MacOS clients, however Motherboard reported that the anonymous sources have not seen the code for the vulnerabilities, having only been contacted by brokers offering them for sale.
Zoom has experienced a number of recent setbacks and alleged security flaws in recent months, going as far as Zoom founder and CEO Eric being 'deeply sorry' for 'falling short of privacy and security expectations' in reaction to a series of incidents where security issues have been highlighted with the video meeting software.