EDIT: seems to have been fixed in versions newer than v7.40

Leave a comment

EDIT: seems to have been fixed in versions newer than v7.40

Nasty bug in Skype (not lync/Skype for business)

“A security flaw in Skype’s updater process can allow an attacker to gain system-level privileges to a vulnerable computer.”

– The bug, if exploited, can escalate a local unprivileged user to the full “system” level rights — granting them access to every corner of the operating system.

Microsoft says that even though engineers “were able to reproduce the issue,” a fix will land “in a newer version of the product rather than a security update.”

#security #awareness #skype

http://www.zdnet.com/article/skype-cannot-fix-security-bug-without-a-massive-code-rewrite/

Leave a Reply