Zoom addresses the critical CVE-2024-24691 vulnerability in Windows software.

Video messaging service Zoom has released security updates to address seven vulnerabilities in its desktop and mobile apps, including a critical flaw (CVE-2024-24691) affecting Windows software.

CVE-2024-24691 is an incorrect input validation error that can be exploited by an attacker with network access to escalate privileges.

A high-risk privilege escalation vulnerability (CVE-2024-24697) affecting Windows software that can be exploited locally without authentication has also been discovered.

The developer company recommends that users update their apps as soon as possible.