Skype users vulnerable to hackers

Skype has already released a patch to fix the flaw


30 May 2006 15:57 GMT / By Amber Maitland

An Australian security firm has discovered a vulnerability in a Skype URI (Uniform Resource Identifier) type that could potentially allow for a file transfer.

The company, Security-Assessment.com, did not issue an advisory until Skype had prepared a patch to fix the problem, so as not to draw hackers' attention to the problem.

It's not actually that simple for an attack to take place. In order for an attack to be carried out, the attacker must authorise the target on his or her contact list, which doesn't require authorisation from the target. However, the target must then be convinced to visit a website under the attackers control or open an exploit URI in Internet Explorer.

Then the attacker must know the location of whatever file he or she want from the victim's machine. A common target would be the Skype configuration file.

To install the Skype patch for this weakness under its security bulletins, or click here to go directly to here
Related
Full tags
Phones, Networking, VoIP, Skype

share print story pdf email story

Recommended articles

Recommended articles from around the web
Loading

Best iPad 2 apps

We detail the best iPad 2 and iPad apps in the app store Which iPad app should you download?

Best new iPad apps

We detail the best iPad apps in the app store for your new Retina Display Which iPad app should you download?

Windows 8

First Look: Windows 8 Consumer Preview reviewed

The new iPad

The new iPad: Everything you need to know

Pocket-lint poll

Q. Does the Samsung Galaxy S III deliver what you hoped for?

Vote YES Vote NO

» LAST TIME
When asked Would you switch from iOS to Android? 54% said yes and 46% said no