Skip to main content

Update Your Webex Desktop App To Avoid Security Threat

By July 2, 2020May 5th, 2022Cybersecurity

Do you rely on Cisco’s Webex Meetings app for video conferencing?

If so, be advised that the company found and addressed a pair of high severity security flaws that could allow hackers to remotely execute code on vulnerable machines.

The two issues are being tracked as CVE-2020-3263 and CVE-2020-3342.

They impact Cisco Webex Meetings Desktop App releases 39.5.12 and earlier. They also impact lockdown versions of Cisco Webex Meeting Desktop App for the Mac, version 39.5.11 and earlier.

In both cases, the issue revolves around an improper input validation of URL’s. If an attacker can supply a URL and trick a recipient into clicking on it, it could result in the total compromise of the machine. If there’s a silver lining to the recent discovery, it is that as long as you don’t click on links provided to you by unknown and untrusted sources, your risk is minimal.

This is the second time in recent memory that Ciscos has had to rush to patch Webex. Late last year, Cisco discovered and patched the Windows version of the app that could have allowed local attackers to escalate privileges and execute commands with SYSTEM user privileges.

Given the number of people currently relying heavily on video conferencing software with so many working from home due to the global spread of COVID-19, keeping whatever software you use up to date is more important than ever.

If your company makes use of Webex, be sure you’re running the latest version. If you’re not sure how to proceed, detailed instructions for updating the macOS version of the app can be found on Cisco’s website in an article entitled “Update the Cisco Webex Meetings Desktop App.” For Windows users, detailed instructions can be found in the “IT Administrator Guide for Mass Deployment of Cisco Webex Meetings Desktop App.”

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.