{"id":17185,"date":"2024-04-01T19:40:04","date_gmt":"2024-04-01T11:40:04","guid":{"rendered":"https:\/\/www.microdium.com\/public\/?p=17185"},"modified":"2024-04-01T19:40:04","modified_gmt":"2024-04-01T11:40:04","slug":"mycert-advisory-security-updates-zoom-rooms-client-for-windows","status":"publish","type":"post","link":"https:\/\/www.microdium.com\/public\/2024\/04\/01\/mycert-advisory-security-updates-zoom-rooms-client-for-windows\/","title":{"rendered":"MyCERT Advisory &#8211; Security Updates-Zoom Rooms Client for Windows"},"content":{"rendered":"<p><strong>1.0 Introduction<\/strong><br \/>\nRecently, Zoom has released security updates to address the vulnerability in Zoom Rooms Client for Windows \u2013 Improper Access Control (CVE-2024-24693) and Zoom Rooms Client for Windows \u2013 Race Condition (CVE-2024-24692) products.<\/p>\n<p><strong>2.0 Impact<\/strong><br \/>\nImproper access control and race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access.<\/p>\n<p><strong>3.0 Affected Products<\/strong><\/p>\n<ul>\n<li>Zoom Room Client for Windows before version 5.17.5.<\/li>\n<\/ul>\n<p><strong>4.0 Recommendations<\/strong><br \/>\nUsers and system administrators are encouraged to review the\u00a0<a href=\"https:\/\/www.zoom.com\/en\/trust\/security-bulletin\/\" target=\"_blank\" rel=\"noopener\">Zoom Security Bulletin<\/a>\u00a0and upgrade to the latest version.<\/p>\n<p>Kindly refer to the URL for more information:<\/p>\n<ul>\n<li>CVE-2024-24693:\u00a0<a href=\"https:\/\/www.zoom.com\/en\/trust\/security-bulletin\/ZSB-24010\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.zoom.com\/en\/trust\/security-bulletin\/ZSB-24010\/<\/a><\/li>\n<li>CVE-2024-24692:\u00a0<a href=\"https:\/\/www.zoom.com\/en\/trust\/security-bulletin\/ZSB-24009\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.zoom.com\/en\/trust\/security-bulletin\/ZSB-24009\/<\/a><\/li>\n<\/ul>\n<p>Generally, CyberSecurity Malaysia advises the users to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.<\/p>\n<p>For further enquiries, please contact us through the following channels:<\/p>\n<p>E-mail: cyber999[at]cybersecurity.my<br \/>\nPhone: 1-300-88-2999 (monitored during business hours)<br \/>\nMobile: +60 19 2665850 (24&#215;7 call incident reporting)<br \/>\nBusiness Hours: Mon &#8211; Fri 09:00 -18:00 MYT<br \/>\nWeb:\u00a0<a href=\"https:\/\/www.mycert.org.my\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.mycert.org.my<\/a><br \/>\nTwitter:\u00a0<a href=\"https:\/\/twitter.com\/mycert\" target=\"_blank\" rel=\"noopener\">https:\/\/twitter.com\/mycert<\/a><br \/>\nFacebook:\u00a0<a href=\"https:\/\/www.facebook.com\/mycert.org.my\" target=\"_blank\" rel=\"noopener\">https:\/\/www.facebook.com\/mycert.org.my<\/a><\/p>\n<p><strong>5.0\u00a0 \u00a0 References<\/strong><\/p>\n<ul>\n<li><a href=\"https:\/\/www.zoom.com\/en\/trust\/security-bulletin\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.zoom.com\/en\/trust\/security-bulletin\/<\/a><\/li>\n<li><a href=\"https:\/\/www.zoom.com\/en\/trust\/security-bulletin\/ZSB-24009\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.zoom.com\/en\/trust\/security-bulletin\/ZSB-24009\/<\/a><\/li>\n<li><a href=\"https:\/\/www.zoom.com\/en\/trust\/security-bulletin\/ZSB-24010\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.zoom.com\/en\/trust\/security-bulletin\/ZSB-24010\/<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>1.0 Introduction Recently, Zoom has released security updates to address the vulnerability in Zoom Rooms Client for Windows \u2013 Improper Access Control (CVE-2024-24693) and Zoom Rooms Client for Windows \u2013 Race Condition (CVE-2024-24692) products. 2.0 Impact Improper access control and race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":17186,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-17185","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-disaster-recovery-cybersecurity-news-malaysia"],"_links":{"self":[{"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/posts\/17185","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/comments?post=17185"}],"version-history":[{"count":1,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/posts\/17185\/revisions"}],"predecessor-version":[{"id":17187,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/posts\/17185\/revisions\/17187"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/media\/17186"}],"wp:attachment":[{"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/media?parent=17185"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/categories?post=17185"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/tags?post=17185"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}