Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
A security glitch in Zoom’s screen-sharing feature could potentially put users’ data at risk. The flaw briefly lets people see parts of a presenter’s screen that shouldn't have been visible at all.
That means the presenter could inadvertently be broadcasting sensitive information, such as usernames and passwords, without even realizing it. Plus there’s always the potential for embarrassing stuff to show up at the same time.
- These are the best video chat apps you can use right now
- Not a fan of Zoom? Here are the best Zoom alternatives for video calling
- Plus: Apple AR headset leak reveals eye tracking — and it looks like a game changer
Zoom gives presenters the option to share a view of their entire screen, certain applications, or a very select area of the screen. This new flaw, discovered by SySS security consultants Michael Strametz and Matthias Deeg, means that “under certain conditions” the single-application view doesn't work correctly.
Rather than broadcasting one app, and only one app, viewers would briefly be able to see other windows on a presenter’s screen.
The researchers found that other applications were only open for “a brief moment”, but that may well be enough for a vigilant viewer to get a glimpse of sensitive information.
That’s especially concerning if any participants are recording the meeting. Even if people can’t register any information during the brief moment the other screens are visible, viewers could go back through their recordings and snoop around.
Of course there are difficulties in exploiting this bug, since it would rely on an attacker actually being present on the call in the first place. The severity also depends on how the kind of data that’s shared. Items like the screens of password managers would be a major concern, as would the contents of sensitive emails.
Then again, if other Zoom meeting participants saw you looking at a Reddit page of cute animals, it wouldn't be as serious a problem. It may be a little embarrassing for that to be on display to everyone, but it’s not going to negatively impact your life.
The flaw was reported to Zoom on December 2, but the researchers say that they are “not aware of a fix”. The current version of Zoom for Windows, version 5.5.4 (13142.0301), is still vulnerable, and researchers say the problem can occur in a “reliably reproducible manner”.
Zoom told Threatpost that it is aware of the issue and is working to resolve the problem. In the meantime, you should be more careful about the things you do while presenting on Zoom. Don’t open any applications you want to keep private.
- More: Zoom Bombing: How to keep trolls out of your Zoom meetings
