Cisco Systems has found a security issue it has labeled as CRITICAL with its WebEx browser software on Windows-based machines.
From the advisory:
“A vulnerability in the Cisco WebEx browser extensions provided by Cisco WebEx Meetings Server and Cisco WebEx Meetings Center could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.”
The issue affects Chrome, Firefox, and Internet Explorer web browsers for Windows. This issue poses a serious threat to the security of any system using these extensions, and requires immediate attention. Hackers can exploit this vulnerability by downloading malicious code to your computer.
Special note: Microsoft Edge users are not affected by this vulnerability. Also, it does not affect Mac or Linux users.
All staff and management within your organization should check to see if they are using the Cisco WebEx browser extension in their web browser, and if so, update immediately.
If you have any questions about this security issue or how to fix it, please contact CompCiti at: (212) 594-4374.
You can view the full report here:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex