Serious Skype vulnerability requires a ‘large code revision’ to fixDuncan Riley / SiliconANGLE - 2 years ago
  • A recently discovered serious vulnerability in Skype that could give an attacker system-level privileges won’t be patched anytime soon.
  • The vulnerability, discovered by security researcher Stefan Kanthak, allows a hacker to modify the Skype updater to draw on a malicious DLL library instead of the genuine one provided by Microsoft, giving the attacker access to a victim’s PC.
  • Kanthak told ZDNet Monday that Microsoft was informed of the bug back in September.
  • It’s not clear what Microsoft’s time frame is for releasing a new version of Skype that tackles the issue.