Skip to main content

Skype says persistent CSS is a 'minor vuln', fix coming this week

posted onJuly 18, 2011
by l33tdawg

A couple of days ago, a security vulnerability for Skype was discovered by Levent Kayan, a Berlin-based security researcher. What he had discovered was this exploit which allowed malicious hackers to enter a string of JavaScript code into the “mobile phone” field for that user, and the minute that user logs on, the hacker would be able to trigger the program, allowing the hacker access to the user’s Skype account and possibly even the computer they are using Skype on.

Skype has since acknowledged the issue, although they seem to be downplaying it by calling it a “minor issue”. They claim that the issue only affects “top contacts”, which means that in order for the hacker to exploit the bug, they would have to be someone who communicates on a regular basis with their target, and would require both users to be online at the same time.

Skype’s spokesperson Chaim Haas was quoted as saying, “As you can imagine, someone who you deal with frequently is probably unlikely to take advantage of this bug anyways.” The bug was also claimed to just affect Windows users only, but Kayan responded by apparently confirming that Mac and Linux versions of Skype were affected as well.

Source

Tags

Skype Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th