Skype Sick With Bad Bug, Must Be Patched - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

12:53 PM

Skype Sick With Bad Bug, Must Be Patched

Skype pushed out a patch for a vulnerability that can let attackers gain access to a target computer and its data.

VoIP provider Skype rolled out an update Friday to quash a bug that can let attackers send a file to a recipient without his or her consent, and potentially obtain access to the computer and its data.

The vulnerability, which Danish bug tracking firm Secunia rated as "moderately critical," is in the VoIP software's parsing of URLs. A malformed link -- sent in a Skype message, for instance -- can begin the transfer of a file from attacker to recipient, who does not need to have "explicitly consented to the action," Skype said in an advisory.

The transfer, however, would be seen by the recipient. "If a file transfer is started, it will be visible to the user and may be cancelled by the sender by selecting 'Cancel' in the normal way," the alert continued.

All versions of Skype for Windows prior to and including 2.0.*.104, as well as the beta 2.5.*.0 to and including 2.5.*.78, are vulnerable. Skype told users that they should update to patched versions -- and the beta -- from the Web site as soon as possible.

Depending on how users have set up Skype, the program may also automatically check for the update, and alert the user.

Skype's been hit with bugs before, including critical flaws found and fixed in October 2005 and November 2004.

Earlier this week, Skype launched a special promotion that lets U.S. and Canadian users make calls to landline and mobile numbers for free through the end of 2006.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
Register for InformationWeek Newsletters
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll