In a blog post today, Zoom described an impending update designed to fix some of its security flaws. Starting with Zoom 5.0., calls will be encrypted using 256-bit AES-GCM encryption. Hosts will gain new tools to report bad actors and easier access to security settings.
The promise to pause feature updates to work on security seems to have paid off. The company needed to take the situation seriously, since schools, the U.S. Senate, and even Google banned Zoom from internal use.
The addition of 256-bit AES-GCM encryption is key to Zoom’s security promises. Before it was using TLS encryption, similar to your browser when you connect to a secure site, and it wasn’t end-to-end (e2e) encryption despite the company saying otherwise.
Now it will be e2e, and using one of the most robust encryption protocols available. Additionally, whereas hosts had to dig deep into settings menus to find security options before, the update will provide easy access thanks to a new button on the meeting menu bar.
Zoom is also offering tools to report bad actors. In recent days, the act of “Zoomboombing,” wherein someone joins a call uninvited just to sow chaos, has been on the rise. The tools should help cut down that problem. Zoom also made the waitlist feature on by default in a recent update, which makes the host approve each person before they can join the call.
Zoom 5.0 will be out by the end of the week, and if you depend on the service, you should download it as soon as possible. You can visit Zoom’s site to check if the update is available and download it.