UPDATED 20:30 EDT / APRIL 23 2020

zoom2 SECURITY

Zoom passes 300M daily users as new security vulnerability discovered

Zoom Video Communications Inc. continues to surge in popularity during the COVID-19 pandemic even as yet another security vulnerability has been revealed.

Chief Executive Officer Eric Yuan revealed during a webinar on April 22 that the company now has more than 300 million daily users, up 50% from 200 million users it had at the beginning of the month.

“Clearly, the Zoom platform is providing an incredibly valuable service to our beloved users during this challenging time,” Yuan said. “We are thrilled and honored to continue to earn the trust of so many enterprises, hospitals, teachers and customers throughout the world.”

Zoom has been the No. 1 app of the pandemic, with millions using the videoconferencing service as they’re forced to work from home. After surging to the top of app charts in March, Zoom still remains at the top on both iOS and Android, according to data from App Annie.

With that popularity has come increased scrutiny over its security and Zoom has struggled. Various security vulnerabilities have been uncovered and there’s yet a new one.

Detailed Wednesday by Daniel Petrillo at Morphisec Technologies Ltd., the newly discovered vulnerability in the Zoom app allows potential attackers to record Zoom sessions and capture text chats without the knowledge of meeting participants.

“The trigger (evading detection) is a malware that injects its code into a Zoom process without any interaction of the user and even if the host did not enable the participant to record,” Petrillo explains. “When recording in this way, none of the participants are notified that the session is being recorded while the malware fully controls the output.”

Petrillo noted that this works on the latest version of Zoom with antivirus and security features turned on. That said, Zoom did announce the new 5.0 version of its client and app Wednestday. Whether the vulnerability exploited by the malware is present in the new version is unknown. Petrillo noted that Morphisec has informed Zoom of the vulnerability.

Zoom has doubled down on addressing security issues. The company announced April 2 that it was freezing feature development for 90 days to focus on enhancing security and privacy for users.

Photo: Zoom

Since you’re here …

Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!

Support our mission:    >>>>>>  SUBSCRIBE NOW >>>>>>  to our YouTube channel.

… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.