Spread widely thanks to the global coronavirus pandemic, video conferencing tools were the new main topic of the Pwn2Own 2021 hacking contest. During this week’s event, several important security breaches were discovered within Zoom and Microsoft Teams software, according to reports article by Tack radarSpotted before Fonandroid.
Control a PC with Zoom
Ethical hackers have already discovered three “zero day” vulnerabilities within Zoom. By combining the two, they were able to demonstrate their ability to control a computer remotely without the user having to do anything. The team gained access to the computer’s webcam and microphone, all the files on the computer, and was able to download the web browser history.
After their discovery, the duo received a prize of $ 200,000. As required by competition rule, the company responsible for Zoom now has 90 days to produce a repair, already announced by the company.
Microsoft Teams, too
During Pwn2Own 2021, vulnerabilities were also discovered in another video conferencing program: Microsoft Teams. By integrating them, it allows a hacker to execute arbitrary code on the victim’s computer.
Once again, this discovery was rewarded with $ 200,000, and Microsoft announced that it will work to fix these flaws in the coming days.
“Certified gamer. Problem solver. Internet enthusiast. Twitter scholar. Infuriatingly humble alcohol geek. Tv guru.”