Security Vulnerability May Require Client Update
Zoom has identified a critical vulnerability in its Windows client versions 5.16.5 and below, where “improper input validation in Zoom Desktop Client for Windows…may allow an unauthenticated user to conduct an escalation of privilege via network access.”
Zoom recommends that all users update to the latest version of the client as soon as possible to avoid risk.
With guidance from VCU’s Information Security Office, we will be enforcing 5.17.0 as the minimum Zoom client version allowed for participation in VCU-hosted Zoom meetings as of Saturday, Feb. 24. With this rule in place, if you are using a version older than 5.17.0 you will be prompted to update your client the next time you host or join a meeting. If you’re already logged in with an older version, you may be logged out and required to update before logging back in.
As a reminder, you can update your Zoom client by opening the desktop app and clicking on your profile image or initials in the upper right corner of the application window. Choose “Check for updates” from the pull-down menu and if you aren’t already on the newest version, it will be automatically installed. Alternatively, you can browse to https://zoom.us/download to acquire and install the latest client version.
Thank you for your prompt attention to this important matter. As always, please feel free to contact the VCU Zoom team at [email protected] with questions or concerns.