Do you rely on Cisco's Webex Meetings app for video conferencing?

If so, be advised that the company found and addressed a pair of high severity security flaws that could allow hackers to remotely execute code on vulnerable machines.

The two issues are being tracked as CVE-2020-3263 and CVE-2020-3342.

They impact Cisco Webex Meetings Desktop App releases 39.5.12 and earlier. They also impact lockdown versions of Cisco Webex Meeting Desktop App for the Mac, version 39.5.11 and earlier.

In both cases, the issue revolves around an improper input validation of URL's. If an attacker can supply a URL and trick a recipient into clicking on it, it could result in the total compromise of the machine. If there's a silver lining to the recent discovery, it is that as long as you don't click on links provided to you by unknown and untrusted sources, your risk is minimal.

This is the second time in recent memory that Ciscos has had to rush to patch Webex. Late last year, Cisco discovered and patched the Windows version of the app that could have allowed local attackers to escalate privileges and execute commands with SYSTEM user privileges.

Given the number of people currently relying heavily on video conferencing software with so many working from home due to the global spread of COVID-19, keeping whatever software you use up to date is more important than ever.

If your company makes use of Webex, be sure you're running the latest version. If you're not sure how to proceed, detailed instructions for updating the macOS version of the app can be found on Cisco's website in an article entitled "Update the Cisco Webex Meetings Desktop App." For Windows users, detailed instructions can be found in the "IT Administrator Guide for Mass Deployment of Cisco Webex Meetings Desktop App."

Eclipse Integrated Systems is the No. 1 managed IT support services company in New Jersey and Florida since 1994, providing managed IT services for small businesses, cloud support, cyber security, health information technology and more. If you're sick of equipment not working, call us for a free network analysis today or visit

Used with permission from Article Aggregator