Popular video conferencing service Zoom has resolved as many as four security vulnerabilities (CVE-2022-22784, CVE-2022-22785, CVE-2022-22786, CVE-2022-22787) which were discovered by security researcher Ivan Fratric from Google Project Zero. A malicicous actor could exploit these issues to trick an unsuspecting user’s client to connect to a malicious server when attempting to use Zoom services, to trick a user into downgrading their Zoom client and for spoofing. Issues affect Zoom Client before version 5.10.0.

More information on vulnerabilities and update is available in Zoom security bulletins – zoom.us.