Skype sick with bad bug, must be patched

Monday, 22 May 2006, 11:51 AM EST

VoIP provider Skype rolled out an update on Friday to quash a bug that can let attackers send a file to a recipient without his or her consent, and potentially obtain access to the computer and its data.

The vulnerability, which Danish bug tracking firm Secunia rated as "moderately critical," is in the VoIP software's parsing of URLs. A malformed link - sent in a Skype message, for instance - can begin the transfer of a file from attacker to recipient, who does not need to have "explicitly consented to the action," Skype said in an advisory.

At ITNews.

[ Read more ]




Spotlight

How security pros deal with cybercrime extortion

1 in 3 security professionals recommend negotiating with cybercriminals for the return of stolen data or the restoration of encrypted files. 86% of security professionals believed their peers at other organizations have brokered deals with cybercriminals.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Wed, Apr 1st
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //