A recently discovered bug being tracked as CVE-2021-28133 is affecting Zoom users. The flaw lies within the screen sharing function of the application and was tested on versions 5.4.3 and 5.5.4 across both Windows and Linux clients. The bug is allowing for other users to briefly view content from other apps of the person that is sharing their screen. This happens if a second application is layered on top of an application that is already open. SySS researchers Michael Strametz and Matthias Deeg stated, “When a Zoom user shares a specific application window via the ‘share screen’ functionality, other meeting participants can briefly see contents of other application windows which were not explicitly shared.” While this could be very difficult to exploit it still leaves a possibility for information to be viewed unwillingly.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in