Currently there is a vulnerability in the Windows Zoomclients that allows unintended privilege escalation. Malicious actors could, for example, delete system-level data and render your computer unusable.
The vulnerability affects "Zoom Desktop Client" on MS-Windows prior to version 5.15.0. This vulnerability is rated CVE-2023-36538, with vulnerability rating CVSS 8.4 as “high”. Reference: https://explore.zoom.us/en/trust/security/security-bulletin/ .
What do you need to do now exactly?
Please update your Zoom software on Windows in a very timely manner, but no later than Thursday, July 24, 2023. For the product "Zoom Desktop Client", for example, install version 5.15.3, which closes the security hole. You can find updates for all of the above products on the Zoom download page at: https://zoom.us/download .
ZIM would like to point out that the use of Zoom at the University of Potsdam will only be possible with Zoom software version 5.15.x or higher as of Thursday, July 20, 2023. This will prevent the vulnerability from being exploited and thus possibly compromising computers or even networks.
For questions contact: zim-serviceuuni-potsdampde