Валентин Шнайдер, Gadgets
14 August 2025, 18:45
Zoom has fixed a critical vulnerability in the Windows version: users are advised to update urgently
A critical vulnerability in the Zoom Windows client that allowed attackers to take complete control of a device without authentication has been patched. The company is urging users to install the update immediately.
The vulnerability lies in how the Zoom app for Windows loads dynamic link libraries (DLLs): it does not use a fully qualified path, so Windows resolves the library name through its search order (an untrusted search path). An attacker who can place a DLL with the expected name in a directory that is searched before the legitimate one gets that library loaded and executed by the app, since it is picked up from what the loader treats as a "trusted" location, TechRadar reports.
If such a DLL launched a backdoor or ransomware and Zoom was running with elevated privileges, attackers could gain control of the entire system. The vulnerability also opened the way to stealing meeting recordings, contact lists, and credentials, and even to intrusion into the corporate network, including access to domain controllers.
The risk was compounded by the fact that the attack did not require authentication and was rated low in complexity. The vulnerability, tracked as CVE-2025-49457, received a CVSS base score of 9.6 out of 10.
The issue affected Zoom Workplace for Windows before version 6.3.10, Zoom Workplace VDI for Windows before 6.3.10 (except builds 6.1.16 and 6.2.12, which are not affected), Zoom Rooms and Zoom Rooms Controller for Windows before 6.3.10, and Zoom Meeting SDK for Windows before 6.3.10. Version 6.3.10 is the fixed release.
The company has already released a patch, and experts advise installing it as soon as possible. The widespread use of Zoom in business environments, especially since the COVID-19 pandemic, makes such vulnerabilities a serious threat, so it is worth updating the applications as soon as fixes are released.
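For administrators who need to confirm the update landed on a fleet of Windows machines, the following PowerShell script is an added example (it is not from the article, from Zoom, or from TechRadar). It reads the standard per-machine and per-user Uninstall registry keys, picks out Zoom entries by display name, and flags any whose version is below the fixed release named in the advisory. The fixed version (6.3.10) and the two VDI exceptions (6.1.16 and 6.2.12) come from the affected-product list above; the registry paths are standard Windows locations, while the `^Zoom` display-name match and the `Get-ZoomInstall` / `Test-ZoomVulnerable` / `Get-ZoomFileVersion` function names are this example's own assumptions.

```powershell
# Added example, not Zoom's or the article's code.
# Thresholds below are taken from the affected-version list for CVE-2025-49457.
$FixedVersion  = [version]'6.3.10'
$VdiExceptions = @([version]'6.1.16', [version]'6.2.12')   # VDI builds listed as not affected

# Standard Windows Uninstall hives: 64-bit, 32-bit (WOW64) and per-user installs.
# Zoom Workplace installs per-user by default, so HKCU matters here.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-ZoomInstall {
    # Returns one object per Zoom product found in the Uninstall keys.
    # The '^Zoom' match is an assumption; tighten it to your fleet's display names.
    Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match '^Zoom' -and $_.DisplayVersion } |
        ForEach-Object {
            # DisplayVersion may look like "6.3.5 (60401)"; keep only the dotted part.
            $raw = ($_.DisplayVersion -split '\s')[0]
            $v = $null
            if ([version]::TryParse($raw, [ref]$v)) {
                [pscustomobject]@{
                    Name     = $_.DisplayName
                    Version  = $v
                    Location = $_.InstallLocation
                }
            }
        }
}

function Test-ZoomVulnerable {
    # True when the installed version is below the fixed release, honouring
    # the two VDI builds the advisory lists as already fixed.
    param([Parameter(Mandatory)][pscustomobject]$Install)
    $isVdi = $Install.Name -match 'VDI'
    if ($isVdi -and ($VdiExceptions -contains $Install.Version)) { return $false }
    return $Install.Version -lt $FixedVersion
}

function Get-ZoomFileVersion {
    # For Meeting SDK-based apps, which have no Uninstall entry of their own:
    # read the file version straight from a Zoom binary inside the app folder.
    param([Parameter(Mandatory)][string]$Path)
    $raw = (Get-Item -Path $Path).VersionInfo.FileVersion
    $v = $null
    if ([version]::TryParse((($raw -split '\s')[0] -replace ',', '.'), [ref]$v)) { return $v }
    return $null
}

$installs = @(Get-ZoomInstall)
if (-not $installs) {
    Write-Output 'No Zoom installation found in the Uninstall keys.'
    return
}

foreach ($i in $installs) {
    $state = if (Test-ZoomVulnerable $i) { 'VULNERABLE - update to 6.3.10 or later' } else { 'patched' }
    Write-Output ('{0,-40} {1,-10} {2}' -f $i.Name, $i.Version, $state)
}
```

Run it under the account that installed Zoom (per-user installs only appear in that user's HKCU hive), or push it through your endpoint management tooling so each user context is covered. Applications that embed the Zoom Meeting SDK do not register in the Uninstall keys; for those, point `Get-ZoomFileVersion` at a Zoom DLL or executable in the application's directory and compare the result against `$FixedVersion` yourself.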
As a reminder, we also published a story about how, in 2025, the BlueNoroff group, the financial wing of the North Korea-linked Lazarus Group, began using the Zoom platform as an attack tool. The attackers pose as business partners and, through fake video calls, install malware that steals cryptocurrency and other financial data.