High-Severity Vulnerabilities Patched in Zoom, Chrome


Zoom has released fixes for six security flaws, including two high-severity issues affecting various products. CVE-2024-45421 (buffer overflow, CVSS 8.5) requires authentication for exploitation, while CVE-2024-45419 (improper input validation, CVSS 8.1) can be exploited remotely without authentication. These impact the Zoom Workplace App, Rooms Client, Rooms Controller, Video SDK, and Meeting SDK prior to version 6.2.0, as well as Workplace VDI Client for Windows before version 6.1.12. Four medium-severity flaws involve denial-of-service risks, privilege escalation, and information disclosure on macOS. Users are urged to update promptly. Separately, Google promoted Chrome 131 to stable, addressing 12 security issues, including a high-severity Blink bug (CVE-2024-11110) and multiple medium-severity vulnerabilities.

Read More


thumb-image

Solutions