- A recently discovered serious vulnerability in Skype that could give an attacker system-level privileges won’t be patched anytime soon.
- The vulnerability, discovered by security researcher Stefan Kanthak, allows a hacker to modify the Skype updater to draw on a malicious DLL library instead of the genuine one provided by Microsoft, giving the attacker access to a victim’s PC.
- Kanthak told ZDNet Monday that Microsoft was informed of the bug back in September.
- It’s not clear what Microsoft’s time frame is for releasing a new version of Skype that tackles the issue.
Duncan Riley / SiliconANGLE - 2 years ago