Skype had a critical vulnerability. Microsoft has known about it for 6 months already

By: Eugene Sherban | 16.02.2018, 11:17
Skype had a critical vulnerability. Microsoft has known about it for 6 months already

Expert on   cyber security, Stephen Cantuck found a serious vulnerability in   Skype, s   which can be used by an attacker to steal data from   computer, and   completely to seize control over it.

How does it work

Skype has its own update mechanism, and   in   The time to update the program can be easily tricked by replacing the malicious DLL file with   installation. As Kantak says, a cracker can simply load a malicious DLL into   temporary directory, and   then call it a real file like UXTheme.dll. A   Further everything is limited only by imagination and   needs of a hacker.

How serious is it?

Poor number one   - on   According to Kantak this   The same vulnerability can be   just on   Win, but   and   on   macOS and   Linux. Poor number two   - an expert notified Microsoft about   problem in   September 2017. Of   Microsoft replied that they see a bug, but   not   can patch up his t. To. this will have little   it not   write code with   zero. Therefore, vulnerability was eliminated in   new client of the eighth version of Skype, but   it was that   the very version with   redesign under Snapchat, from   which many old Skype users hastily refused (see the reviews in the Microsoft Store). AND   remained on   " Seven " , which Microsoft does not   can protect.

Source: ZDNet