A critical vulnerability has been identified in the Zoom Workplace VDI Client for Windows, tracked as CVE-2025-64740, which could enable attackers with local access to gain elevated privileges. This flaw results from improper verification of cryptographic signatures during the installation process, potentially allowing malicious code injections or unauthorized command execution if exploited successfully.
The vulnerability affects various versions of Zoom Workplace for Windows prior to updates 6.3.14, 6.4.12, and 6.5.10. Although exploiting this vulnerability requires local authenticated access and user interaction, the significant implications, including compromises to confidentiality, integrity, and availability of the system, warrant immediate attention. Zoom has advised users to upgrade to the latest secure versions and emphasized the importance of keeping software up-to-date in enterprise environments, where Zoom is widely used for remote work.
👉 Pročitaj original: Cyber Security News
