Important Security Updates Released for Zoom: Critical Vulnerabilities Addressed
Zoom Addresses Critical Security Flaws with Urgent Patches
In a proactive move to fortify user safety, Zoom has rolled out important security patches targeting several vulnerabilities in its applications. On March 11, 2025, the video conferencing giant alerted users about the updates, which include fixes for five identified vulnerabilities, four of which are classified as high severity. The four high-severity vulnerabilities are tracked in the Common Vulnerabilities and Exposures (CVE) system as CVE-2025-27440, CVE-2025-27439, CVE-2025-0151, and CVE-2025-0150.
These security concerns predominantly affect the Zoom Workplace applications and Zoom Rooms controllers, with versions preceding 6.3.0 being at risk. The newly patched vulnerabilities have drawn attention due to their potential for privilege escalation, possibly allowing unauthorized users to gain elevated access.
Among the most critical issues, CVE-2025-27440 and CVE-2025-27439 both carry a high CVSS score of 8.5. They facilitate privilege escalation through network access, marking them as serious threats. CVE-2025-0151, which involves a use-after-free error, also carries this score, further underscoring the need for users to act immediately to safeguard their accounts.
Additionally, a medium-severity flaw, CVE-2025-0149, presents the risk of denial-of-service attacks due to insufficient verification of data authenticity.
Zoom’s quick response not only reflects its commitment to cybersecurity but also emphasizes the importance of regular software updates in protecting users from potential exploitation. Users are advised to promptly update their applications to version 6.3.0 or later, accessible through the official Zoom website, ensuring the continued safety of millions relying on the platform for communication and collaboration.