• Home
  • OS X
  • Security Hole in Skype for OS X Could Give Attackers Remote Access to Your Mac

Security Hole in Skype for OS X Could Give Attackers Remote Access to Your Mac

Screen shot 2011 05 06 at 10 12 40 PMA major security hole has been discovered in Skype for OS X that could give an attacker remote access to your Mac by sending an instant message.

The zero-day security vulnerability was discovered by Australian IT security firm, Pure Hacking. Gordon Maddern, who found the exploit, posted today that he notified Skype of the issue a month ago and was given a standard, canned reply from them. They still have not created a patch.

Maddern:

The long and the short of it is that an attacker needs only to send a victim a message and they can gain remote control of the victims Mac. It is extremely wormable and dangerous.

Pure Hacking:

[We] won’t give specifics on how to perform this attack until a patch from Skype is released. However we will give a full disclosure after Skype takes action or a reasonable responsible disclosure time.

Skype is fiddling while Rome is burning:

Skype twitter.png

Dan York from Disruptive Telephony justifiably complained that Skype has not made any information public other than a statement given to ZDNet UK. He says they have made no attempt to notify users via their corporate blog, twitter feed, or any other method. York recommends changing Skype’s privacy settings to only allow messages from contacts. Although, he warns that this is merely a precautionary measure since it is unknown exactly how the attack works. See below for details.

Skype 5.x settings:

Skype privacy settings.png

Skype 2.8 settings:

Skype privacy settings.png

Better yet, switch off Skype and use the phone until a patch is released.

UPDATE
Skype has address the security vulnerability. (Thanks Chaim)

via Pure Hacking, The Register and Disruptive Telephony

Topics

  1. Chaim Haas says:

    The vulnerability in question was addressed in mid-April. Skype posted some more detailed information on their Security blog – http://blogs.skype.com/security/2011/05/security_vulnerability_in_mac.html.

  2. From @evanchooly:disqus “Maybe when #skype patches this hole, they can fix the bug that makes the UI look like crap.”

    So true.

  3. Thanks to @facebook-52601056:disqus for the update

  4. compilation says:

    Appreciate you sharing, great post.Really looking forward to read more. Fantastic.

  5. 770995 97708Aw, this was a truly nice post. In thought I would like to put in writing like this in addition – taking time and actual effort to make a extremely good article but what can I say I procrastinate alot and by no means seem to get something done. 176689

  6. Thanks again for the article.Really thank you! Much obliged.

  7. download mp3 says:

    Very informative blog post.Thanks Again. Fantastic.

  8. Im obliged for the blog article.Really thank you! Keep writing.

  9. Really appreciate you sharing this article post. Want more.

  10. Really informative blog.Much thanks again. Will read on…

  11. sbotop says:

    Really appreciate you sharing this blog post.Thanks Again. Really Great.

  12. Thanks a lot for the blog post.Thanks Again. Want more.

  13. bong88 link says:

    Very good blog article.Really looking forward to read more. Want more.

  14. 1gom7m says:

    I appreciate you sharing this blog article.Much thanks again. Fantastic.

  15. I appreciate you sharing this blog article.Really thank you!

  16. Major thankies for the blog post.Much thanks again. Great.

  17. Royal online says:

    Really appreciate you sharing this post.Really looking forward to read more. Really Cool.

  18. Visa Taïwan says:

    Thank you for your blog.Really looking forward to read more.

  19. Look At This says:

    Hey, thanks for the article post.Really thank you! Much obliged.

  20. Facts says:

    Great, thanks for sharing this blog article. Much obliged.

  21. Really informative blog article.Much thanks again. Fantastic.

  22. Thanks a lot for the blog post.Thanks Again. Great.

  23. Really appreciate you sharing this post.Thanks Again. Want more.

  24. invention says:

    Thanks again for the blog article.Thanks Again. Keep writing.

  25. I really like and appreciate your article.Really thank you! Keep writing.

  26. Say, you got a nice post.

  27. Thanks a lot for the blog article. Want more.

  28. 617588 324230Yay google is my king aided me to discover this great web site ! . 572920

  29. 레플 says:

    Im grateful for the blog. Awesome.

  30. Thanks for sharing, this is a fantastic blog.Thanks Again.

Leave a Reply

Your email address will not be published. Required fields are marked *