Unpatched Exploit: Skype for Mac OS X

Published: 2011-05-06. Last Updated: 2011-05-09 19:01:31 UTC
by Richard Porter (Version: 2)
4 comment(s)

--- Update:

There has been an update to Skype for Mac OS X. It is recommended that you update. Latest version seems to be 5.1.0.922. It is not clear from the Skype website as to addressing the below issue but updating is a good idea.

 

 

According to a Pure Hacking Blog Entry = http : //www.purehacking.com/blogs/gordon-maddern/skype-0day-vulnerabilitiy-discovered-by-pure-hacking and The Register UK = http : //www.theregister.co.uk/2011/05/06/skype_for_mac_critical_vulnerability/

There is a 0 Day exploit that exists for Skype on MAC. Windows and Linux are unaffected. Some best practices for Skype include setting your messages to only allow from Contacts. This does not protect you from infected contacts but it might help.

Please take measures to protect yourself. We are not aware of this being exploited in the wild and as most of us might use the operating system affected, we are both personally and professionally interested.

 

 

Richard Porter

--- ISC Handler on Duty

 

Keywords: 0 Day 0Day Crimeware MAC OS X Skype
4 comment(s)

Comments

The patched version is available, although not yet pushed to clients - 5.1.0.922. Use:
Skype -> Check for Updates...

Ken

May 8th 2011
1 decade ago

A MAC is a unique identifier for a network device, not the name of a computer.

ee

May 9th 2011
1 decade ago

Put up a nice little writeup about this this morning out at http: //www.h-online.com/security/news/item/Confusion-over-Skype-for-Mac-security-issue-1239842.html. Shows the confusion between the individual that found the exploit and Skype.

dsh

May 9th 2011
1 decade ago

Reports are that Microsoft is going to buy Skype. The Apple problem just sorted itself out. LOL

dsh

May 10th 2011
1 decade ago

Login here to join the discussion.


Top of page
Diary Archives