Sign In »
Register Now!
Help
</h3>
Quote
<h3>Skype for Mac requires manual update to fix security vulnerability
Pure Hacking's Gordon Maddern, a tech security writer, has uncovered a zero-day vulnerability affecting Mac users of the popular chat platform Skype. He writes: "About a month ago I was chatting on Skype to a colleague about a payload for one of our clients. Completely by accident, my payload executed in my colleagues Skype client."
Further tests showed that the payload was only executing in Skype clients on Macs. Windows and Linux appeared to be safe. After using metasploit and meterpreter to produce a proof of concept, Maddern was able to gain a shell remotely using the Skype exploit.
Perhaps alarmingly, this information was brought to the attention of Skype's security team over a month ago, with the only response being a generic "Thank you, we'll get to that soon".
"The long and the short of it is that an attacker needs only to send a victim ...
Pure Hacking's Gordon Maddern, a tech security writer, has uncovered a zero-day vulnerability affecting Mac users of the popular chat platform Skype. He writes: "About a month ago I was chatting on Skype to a colleague about a payload for one of our clients. Completely by accident, my payload executed in my colleagues Skype client."
Further tests showed that the payload was only executing in Skype clients on Macs. Windows and Linux appeared to be safe. After using metasploit and meterpreter to produce a proof of concept, Maddern was able to gain a shell remotely using the Skype exploit.
Perhaps alarmingly, this information was brought to the attention of Skype's security team over a month ago, with the only response being a generic "Thank you, we'll get to that soon".
"The long and the short of it is that an attacker needs only to send a victim ...
Read full post & comments - http://download.cnet...categoryId=2002
Originally posted at MacFixIt
Back to top
MultiQuote