UPDATED 20:30 EDT / APRIL 23 2020

SECURITY

Zoom passes 300M daily users as new security vulnerability discovered

Zoom Video Communications Inc. continues to surge in popularity during the COVID-19 pandemic even as yet another security vulnerability has been revealed.

Chief Executive Officer Eric Yuan revealed during a webinar on April 22 that the company now has more than 300 million daily users, up 50% from 200 million users it had at the beginning of the month.

“Clearly, the Zoom platform is providing an incredibly valuable service to our beloved users during this challenging time,” Yuan said. “We are thrilled and honored to continue to earn the trust of so many enterprises, hospitals, teachers and customers throughout the world.”

Zoom has been the No. 1 app of the pandemic, with millions using the videoconferencing service as they’re forced to work from home. After surging to the top of app charts in March, Zoom still remains at the top on both iOS and Android, according to data from App Annie.

With that popularity has come increased scrutiny over its security and Zoom has struggled. Various security vulnerabilities have been uncovered and there’s yet a new one.

Detailed Wednesday by Daniel Petrillo at Morphisec Technologies Ltd., the newly discovered vulnerability in the Zoom app allows potential attackers to record Zoom sessions and capture text chats without the knowledge of meeting participants.

“The trigger (evading detection) is a malware that injects its code into a Zoom process without any interaction of the user and even if the host did not enable the participant to record,” Petrillo explains. “When recording in this way, none of the participants are notified that the session is being recorded while the malware fully controls the output.”

Petrillo noted that this works on the latest version of Zoom with antivirus and security features turned on. That said, Zoom did announce the new 5.0 version of its client and app Wednestday. Whether the vulnerability exploited by the malware is present in the new version is unknown. Petrillo noted that Morphisec has informed Zoom of the vulnerability.

Zoom has doubled down on addressing security issues. The company announced April 2 that it was freezing feature development for 90 days to focus on enhancing security and privacy for users.

Photo: Zoom

A message from John Furrier, co-founder of SiliconANGLE:

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Join Our Community 

Click here to join the free and open Startup Showcase event.

“TheCUBE is part of re:Invent, you know, you guys really are a part of the event and we really appreciate your coming here and I know people appreciate the content you create as well” – Andy Jassy

We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.

Click here to join the free and open Startup Showcase event.