Skype Releases Update for Mac Client, Fixes Vulnerability Uncovered by Pure Hacking
Yesterday we were reporting that Skype for Mac is plagued by a critical vulnerability uncovered by Pure Hacking, a group of ethical hackers from Australia. The vulnerability goes something like this: if someone in the Contact list sends the user a specifically crafted message, Skype for Mac would crash. To exploit this vulnerability that someone would have to already be in the Contact list or trick the user into adding him to the list, because by default, Skype for Mac does not accept messages from people who are not in the Contacts list
This vulnerability was addressed by Skype with version 5.1.0.922, but the thing is that users were not prompted to get this update. Skype explained that because there were no reports about this vulnerability being exploited in the wild, users were not presented with a prompt to update to version 5.1.0.922.
This is not to say that they could get the update. They could update Skype for Mac to version 5.1.0.922 by manually triggering an update (by clicking Skype -> Check for updates) or by downloading the latest version from Skype.
Skype did not prompt the users to update because it had another update in the pipeline – version 5.1.0.935, update that has just been pushed to all Skype for Mac users. This update, as Skype’s Chief Information Security Officer Adrian Asher explained, includes the security fixes of version 5.1.0.922 and features some additional product fixes. Skype for Mac users will be automatically prompted to get the update; alternatively they can manually trigger an update. Once the majority of users get the update, Skype will release additional information on the vulnerability uncovered by Pure Hacking.
“Once we have seen a large proportion of our Skype for Mac user base have upgraded to this new version, we will provide further details on the vulnerability in the Skype for Mac client that was raised by Pure Hacking,” said Adrian Asher.
Tags: Skype, Skype for Mac, Security
This vulnerability was addressed by Skype with version 5.1.0.922, but the thing is that users were not prompted to get this update. Skype explained that because there were no reports about this vulnerability being exploited in the wild, users were not presented with a prompt to update to version 5.1.0.922.
Advertising
This is not to say that they could get the update. They could update Skype for Mac to version 5.1.0.922 by manually triggering an update (by clicking Skype -> Check for updates) or by downloading the latest version from Skype.
Skype did not prompt the users to update because it had another update in the pipeline – version 5.1.0.935, update that has just been pushed to all Skype for Mac users. This update, as Skype’s Chief Information Security Officer Adrian Asher explained, includes the security fixes of version 5.1.0.922 and features some additional product fixes. Skype for Mac users will be automatically prompted to get the update; alternatively they can manually trigger an update. Once the majority of users get the update, Skype will release additional information on the vulnerability uncovered by Pure Hacking.
“Once we have seen a large proportion of our Skype for Mac user base have upgraded to this new version, we will provide further details on the vulnerability in the Skype for Mac client that was raised by Pure Hacking,” said Adrian Asher.
Tags: Skype, Skype for Mac, Security
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 20 May 2013
Need help keeping track of how much time you spend on completing tasks? If you do, check out the efficient 'Whatcha Doing?' application.
By George Norman on 17 May 2013
This week the Linux Mint team announced that they pushed out the Release Candidate (RC) of Linux Mint 15 codename Olivia. This is the most ambitious release since the start of the Linux Mint project.Related News
By George Norman on 25 Mar 2013
It just goes to show you that no security solution is infallible. Kaspersky Lab announced that it uncovered malware on many PCs that already had a security solution in place – even on PCs protected by reputable security products.
By George Norman on 10 Apr 2013
BitDefender recently rolled out an app that will protect your Android device: BitDefender Antivirus Free. The ad for the recently released app was designed by the guys 
By George Norman on 21 Jan 2013
Microsoft announced that it will retire its instant messaging client Windows Live Messenger on the 15th of March. Skype, the IM and VoIP client Microsoft purchased in 2011, will replace Live Messenger.
By George Norman on 20 Nov 2012
The recently released OPSWAT Security Score application analyzes your PC and gives it a security score. How much will you get? Get the tool and evaluate your PC’s security status.Advertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Skype Releases Update for Mac Client, Fixes Vulnerability Uncovered by Pure Hacking
HTML Linking Code
HTML Linking Code