Popular video conferencing service Zoom has resolved 7 security vulnerabilities (CVE-2024-24691, CVE-2024-24697, CVE-2024-24696, CVE-2024-24695, CVE-2024-24699, CVE-2024-24690, CVE-2024-24698) in Zoom products. A malicious actor could exploit some of these vulnerabilities to trigger sensitive information disclosure, elevation of privilege and denial of service condition on the targeted system. Issues affect:

• Zoom Desktop for Windows before version 5.16.5;

• Zoom VDI for Windows before version 5.16.10 (except versions 5.14.14 and 5.15.12);

• Zoom Rooms for Windows before version 5.17.0;

• Zoom Meeting SDK for Windows before version 5.16.5.

More information on vulnerabilities and updates is available in Zoom security bulletins – zoom.us