Zoom patches critical Windows flaw allowing privilege escalation

Zoom has patched a critical Windows client vulnerability (CVE-2025-49457, CVSS 9.6) that could allow unauthenticated attackers to escalate privileges via network access. Affecting multiple Windows-based Zoom products before version 6.3.10, the flaw poses significant risk given Zoom’s global enterprise use and potential access to sensitive data. Updates are available, and prompt patching is strongly advised.