The Windows version of the popular video chat application Zoom might be endangering your personal data. A critical flaw in the desktop client causes Zoom to turn Windows Universal Naming Convention paths into clickable chat links that can send your login information to a remote site.

A Universal Naming Convention, or UNC, path is the notation Windows uses to locate files and other resources on a network. It combines the name of the server, the network share, and the file name. On a Windows PC, you can find the UNC paths of your connected network shares by typing “net use” into the command prompt, which is accessed by holding down the Windows and R keys and typing “cmd” in the box that appears.

When someone clicks on the UNC path link in the Windows desktop version of the Zoom application, Windows sends an encoded version of the login and password that can then be decoded. With that login information, people on the same network could access files. Security researcher Matthew Hickey spoke to Bleeping Computer on the subject, noting that UNC injection could also launch programs on local PCs, although in testing, the user was prompted before any program was launched. Zoom has yet to comment on the issue.

Is There An Easy Fix?

Zoom would have to change the way its text chat reads UNC paths to prevent logins from being leaked. However, if you don’t want to wait on a fix, you can use the Windows Local Group Policy Editor to protect yourself. Open the quick access menu with the Windows and X keys and type “gpedit” in the command prompt; you’ll need admin access to use this. Once you’ve opened the editor, find the local policies menu in the security settings menu. Once there, go through local policies and security options to get to network security. There, select “Deny all” on the option that reads “Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers.” This will prevent Windows from exposing your login data when interacting with a UNC link on Zoom. However, this could cause problems when trying to access shared files.
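The same policy can be checked and applied from an elevated PowerShell session. This is an added example, not part of the original article: it assumes the policy's backing registry value RestrictSendingNTLMTraffic under HKLM\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 (0 = allow all, 1 = audit all, 2 = deny all), and the function names are illustrative.

```powershell
# Added example: audit and optionally apply "Network security: Restrict NTLM:
# Outgoing NTLM traffic to remote servers" through its backing registry value.
$LsaKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
$ValueName = 'RestrictSendingNTLMTraffic'
$Meaning   = @{ 0 = 'Allow all'; 1 = 'Audit all'; 2 = 'Deny all' }

function Get-OutgoingNtlmPolicy {
    # A missing value means the policy is not configured, which behaves as "Allow all".
    $item = Get-ItemProperty -Path $LsaKey -Name $ValueName -ErrorAction SilentlyContinue
    $raw  = if ($null -ne $item) { [int]$item.$ValueName } else { 0 }
    $name = if ($Meaning.ContainsKey($raw)) { $Meaning[$raw] } else { 'Unknown' }
    [pscustomobject]@{
        Configured = ($null -ne $item)
        Value      = $raw
        Setting    = $name
        Protected  = ($raw -eq 2)   # only "Deny all" stops outgoing NTLM logins
    }
}

function Set-OutgoingNtlmDenyAll {
    [CmdletBinding(SupportsShouldProcess)]
    param()
    # Writing under HKLM requires an elevated session.
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $isAdmin  = ([Security.Principal.WindowsPrincipal]$identity).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
    if (-not $isAdmin) { throw 'Run this from an elevated PowerShell session.' }

    $before = Get-OutgoingNtlmPolicy
    if ($before.Protected) { return $before }   # already set to "Deny all"

    # Show the previous value so it can be restored if file shares stop working.
    Write-Verbose "Previous value: $($before.Value) ($($before.Setting))"
    if ($PSCmdlet.ShouldProcess("$LsaKey\$ValueName", 'Set to 2 (Deny all)')) {
        New-ItemProperty -Path $LsaKey -Name $ValueName `
            -PropertyType DWord -Value 2 -Force | Out-Null
    }
    Get-OutgoingNtlmPolicy
}

Get-OutgoingNtlmPolicy                # read-only check of the current setting
# Set-OutgoingNtlmDenyAll -WhatIf     # preview the change without writing
# Set-OutgoingNtlmDenyAll -Verbose    # apply it and print the previous value
```

If shared folders that rely on NTLM stop working afterwards, write the previous value reported by `-Verbose` back to the same registry value.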

Alternatively, there are other easy-to-use applications that support video conferences. Slack, Skype, GoToMeeting, and Discord are a few of the many alternatives. Most of these are free and have mobile and desktop versions available. The coronavirus outbreak has caused more people to work from home, making a reliable and speedy method of communication relevant. A side effect of the shift has exposed many of Zoom's faults, such as directories that leak email addresses and people stumbling into other conferences. Hopefully, Zoom makes the necessary adjustments quickly, especially considering it has become a go-to option for many during the pandemic.

Source: Bleeping Computer