NCC-CSIRT Advise Zoom Users to Install The Latest Updated Software, Citing Discovery Of Vulnerabilities

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has advised users of the cloud-based video conferencing platform Zoom to install the app’s latest software update from its publisher’s official website due to some vulnerabilities discovered in the older version of the app.

According to the NCC-CSIRT, there are so many vulnerabilities in the older version of the Zoom app that hackers can exploit and use to bypass implemented security limitations on the targeted system.

“These vulnerabilities exist owing to incorrect access control implementation in Zoom On-Premises Meeting Connector MMR prior to version 4.8.20220815.130, NCC-Advisory said.

“A remote attacker could exploit these flaws to join a meeting they were not permitted to attend without being seen by the other attendees.

“They can also access audio and video feeds from meetings they were not permitted to attend, as well as interrupt other sessions.

“Successful exploit of these vulnerabilities could allow an unauthorized remote authenticated user to bypass implemented security limitations on the targeted system”.

The Computer Security Incident Response Team (CSIRT) is the telecom sector’s cyber security incidence center set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.

It also works collaboratively with the Nigeria Computer Emergency Response Team (ngCERT), established by the Federal Government to reduce the volume of future computer risk incidents by preparing, protecting, and securing the Nigerian cyberspace to forestall attacks, problems, or related events.

The CSIRT has continuously advised citizens to avoid downloading questionable apps or apps they are unsure about, while urging those who have already installed identified malicious apps to delete them immediately or risk jeopardizing their privacy.