How to Fix Zoom Security Issues: User-info and Password Leakage

For users who need to work from home and stay connected with colleagues, family and friends, Zoom is a quite useful tool. It provides them with a remote conferencing service that combines video conferencing, online meetings, chat and mobile collaboration. Recently, “Zoom security issues” becomes a hot topic and users are worried about Zoom’s user-info and password-leak problem.

How does this happen?

When a chat message containing a URL (Uniform Resource Locator) is sent within Zoom, it will be converted into a hyperlink that others can click to open a webpage in their browser.

However, Zoom also turns Windows UNC (Universal Naming Convention paths into a hyperlink in the chat. When a user click a UNC path link, Windows sends a user’s login name and NTLM password hash, which makes your user-info and password be easily stolen by an attacker.

How to fix Zoom’s user-info and password-leak problems on Windows 10 and protect your information? Here are two methods you can try.

Method 1: Use Local Group Policy Editor to Fix Zoom Security Issues

Step 1: Press Win + R to invoke Run window. Then input gpedit.msc and click OK to open Local Group Policy Editor.

Step 2: Navigate to Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options.

Step 3: In the right pane, double-click Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers and select Properties.

Step 4: In the pop-up window, choose Deny all option. Then click Apply and OK to save the change you have made.

Step 5: Click Yes to confirm the setting change.

Now, the sign-in NTLM credentials won’t be sent to a remote host when you use Zoom on Windows 10, and your information will be securer.

Method 2: Use Registry Editor to Fix Zoom Security Issues

Step 1: Invoke Run window and type regedit in the box. Then press Enter to open Registry Editor.

Step 2: Click File > Export to create a backup for your registry keys in case that anything wrong happens.

Step 3: Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0.

Step 4: In the left pane, right-click MSV1_0 key and select New > DWORD (32-bit) Value. Then name the new key as RestrictSendingNTLMTraffic and press Enter.

Step 5: Double-click RestrictSendingNTLMTraffic to open its properties and set the value to 2. Then click OK to save the changes.

In this way, an attacker should be unable to get your user-info and password from Zoom.

Originally published at https://www.partitionwizard.com on April 7, 2020.