Yandex.Telemost

2025: Fix a vulnerability that allows an attacker to strengthen on the victim's network

Positive Technologies has helped strengthen security in the Yandex Telemost video conferencing service for Windows. Positive Technologies announced this on June 17, 2025.

With successful exploitation, the CVE-2024-12168 vulnerability identified by the PT SWARM command in the Yandex Telemost version for Windows could hypothetically be used by an attacker to pin to a workstation in the victim's corporate network. Another possible attack vector was associated with the spread of malware under the guise of this application. The safety issue received a score of 8.4 on the CVSS 4.0 scale, which means a high level of danger.

Vendor was notified of the threat as part of the responsible disclosure policy. The Yandex 360 team promptly took action and released a software update as part of an established vulnerability management process. Users need to install version 2.7 and higher.

If an attacker would like to gain a foothold on a user's workstation, he would just need to load his malicious DLL into a folder with Yandex Telemost already installed. Local administrator rights were not required for this, and malicious code would be executed every time Telemost was launched. As a result, the fact of consolidation could go unnoticed, since the attack scenario is quite specific for most classic antivirus solutions, - noted the experts of the PT SWARM team. - The operating system considers this mechanism legitimate, so this type of attack is detected using rules developed specifically for each DLL Hijacking vulnerability. It is very difficult and resource-intensive to create universal rules for detecting such security defects. If the developers still write them, another problem will arise: any antivirus will often give false positives.

Yandex 360 is continuously working to improve the security systems of its services, concentrating on protecting user information. The company regularly conducts internal security checks, uses modern encryption methods and operates a multi-level security system. Thanks to this comprehensive approach and our partners, reliable protection of user data is ensured and a high level of trust in services is maintained, "said Igor Verbitsky, Director of Security at Yandex 360.

Attackers could also potentially distribute a modified archive with a specially formed malicious library (DLL) along with the original Yandex Telemost application, for example, in phishing attacks. In this case, the Yandex Telemost client application, which Windows considers safe due to the company's official digital signature, could actually run malicious code. This would be possible because the application automatically loads additional files (DLLs) located next to it, and Windows, in turn, does not check them carefully enough. As a result, users would not even receive a threat warning from the built-in Windows protection mechanisms.

This approach, according to the researchers, greatly complicates the analysis of malicious activity and can contribute to bypassing the means of protecting end devices, since processes with a legitimate digital signature cause less suspicion in the SMT and have an increased level of trust.

One example of the exploitation of the vulnerability found by white hackers is the acquisition by the PT SWARM team of initial access to the infrastructure of a financial company during a security analysis project. The Side-Loading DLL method has been used, among other things, by cybercriminals from Team46 in recent malicious campaigns EastWind, DarkGate, as well as in the distribution of the PlugX remote access Trojan.

2024: 12-fold increase in attendees at meetings

Yandex 360 restarted Telemost, a video meeting and video conferencing service. The video quality has become even better, new features have appeared, and the number of meeting participants has grown more than 10 times. This became possible thanks to the transition from an external open source solution to its own platform developed by the Yandex 360  and Yandex Infrastructure teams. Yandex announced this on August 7, 2024.

𝓲

Фото: Yandex

The VKS platform market is growing aggressively and shows positive audience growth year-on-year. As of August 2024, more than 100 thousand video meetings are already held in Telemost every day. Previously, in the service, we used an external open source solution, which did not allow making large-scale changes to the Telemost code at a sufficient speed. The transition to its own platform made it possible to solve this problem and, as a result, implement new product opportunities for users, "said Alexey Petrochenko, technical director of Yandex 360.

We have developed our own WebRTC platform Goloom so that Yandex has a single stack of technologies for working with realtime video. All the advantages of the platform - for example, a more stable connection between devices and a modern set of video codecs - after testing will appear in other internal and external Yandex services. The company's services will be able to adapt Goloom to their tasks, while reducing the cost of their own development and maintaining the high quality of technologies at the level of all Yandex, "said Igor Sheko, leading developer of Yandex Infrastructure interfaces.

 The possibility of shelling the screen in ultra-high resolution 4K has appeared. Participants of the meetings will be able to demonstrate presentations, reports and other materials with the highest possible clarity. In addition, the service now has an indication of speaking participants and you can see it in parallel with viewing the speaker's screen. The quality of noise cancellation has also improved - extraneous sounds will not interfere with hearing what is said.

One of the most important updates is an increase in the number of participants in meetings by 12 times. Previously, you could invite up to 40 people to a meeting, now this limit has grown to 100, 300 and 500 speaking participants. The opportunity is available for users of the Teleconference in Yandex 360 tariffs for business. This is especially important for the B2B segment: in large businesses  , hundreds of employees can take part in online meetings. In September 2024, it will be possible to hold meetings of up to 1000 people in Telemost. Live broadcasts can still be broadcast to a wide audience - up to 10 thousand people.

The teleconference already combines all the most necessary functions for organizing high-quality video meetings: chat for meeting participants, the ability for administrators to control the cameras and microphones of interlocutors, moderation, the ability to record meetings and save a file, integration with the calendar and others. Yandex 360 plans to have more flexible meeting settings (waiting rooms, new functions for organizers and co-organizers), the ability to connect to meetings via SIP (Session Initiation Protocol) and others.

2023: Opportunity to hold meetings for 1000 participants

Yandex 360 will translate the video meeting service Telemost to a new technology platform. This will allow faster implementation of new opportunities for users and increase the efficiency of the service. Key features will be available in mid-2024. Yandex announced this on September 27, 2023.

One of the solutions that will appear in the updated Teleconference is the increase in the number of participants meetings more than 20 times from the current 40 to 1000. This is especially important for B2B- segment where online big business meetings can attract hundreds of participants.

Sharing content during group meetings will also reach a new level - it will be possible to sharp the screen in ultra-high resolution 4K. Meeting participants will be able to showcase presentations, reports, projects and other materials in Maximum definition.

As of September 2023, Teleconference technologies are based on an external open source solution. Already with mid-2024, the service will run on its own platform developed by Yandex 360 and Yandex Cloud team.

{{quote 'The number of users using the service for meetings and broadcasts is growing multiple over several years. Only for the incomplete 2023 day audience The teleconference has grown almost 3 times, "said Yandex CEO 360 Vladimir Rusinov. "' - In our case, the use of an external open source solution is not allows you to make large-scale changes to the code and implement everything you plan. Transition Three basic limitations in product development will be removed on its own platform: the quality of the picture, meetings and the number of participants in the meetings. The changes will allow us to step far forward in the development of the Teleconference, focus resources within the team, and, as a consequence, realize new product opportunities for users.}}

Restarting the Teleconference will improve the current capabilities of the service: to increase stability and quality of broadcasts to a wide audience of up to 10 thousand people, noise cancellation quality and other basic functions that are already in the product and are important for comfortable use of the service.

2020: Yandex.Telemost launch

On June 15, 2020, Yandex announced the launch of a video meeting service called Yandex.Telemost. The service will allow people to quickly assemble a remote meeting or chat with friends online. The conversation time is not limited, but you can create an appointment and invite participants in just a couple of seconds - the invitation link is automatically copied to the clipboard for convenience.

Photo source: filearchive.cnews.ru

In order to start a meeting or join it, you do not need to install a separate application: the service works Yandex.Browser in and, Chrome as well as in and. applications Yandex.Disk Yandex.Mail Gradually, the Teleconference will integrated be in other Yandex products and will work in others. browsers

The invitation link to the meeting can be opened in the browser, mobile and desktop applications of Yandex.Disk and in Yandex.Mail applications for iOS and Android. In the first version of the service, all the necessary functions are already available, and in the future users will receive additional features.