Skype Mac Client Has Risky Zero-Day Bug – Researcher

An Australian security researcher recently found a dangerous zero-day bug in the Skype client for Apple’s Mac computers which may be used by attackers to take control of a victim’s computer, various reports say.

ShovanSargunam / Flickr (CC BY-SA)However, according to CNet and Mashable, Skype has already released a “hotfix” for the said issue. Mashable said that Skype revealed that it just did not prompt users to download the patch.

Pure Hacking’s Gordon Maddern said he accidentally discovered the vulnerability a month ago and has also notified Skype about his discovery shortly after he proved it was exploitable.

However, Maddern wrote in his post that when he notified Skype, the company’s answer was the standard: “Thank you for showing an interest in skype security,  we are aware of this issue and will be addressing it in the next hotfix.

Maddern wrote:

About a month ago I was chatting on skype to a colleague about a payload for one of our clients.  Completely by accident, my payload executed in my colleagues skype client.

I decided to investigate a little further and found that the Windows and Linux clients were not vulnerable. It was only the Mac skype client that seemed to be affected. So I decided to test another mac and sent the payload to my girlfriend. She wasn’t too happy with me as it also left the her skype unusable for several days.

At this point I figured out what was needed to execute code. So I put together a proof of concept using metasploit and meterpreter as a payload. Low and behold I was able to remotely gain a shell.”

Mac users who use Skype are warned to be cautious and not accept messages or calls from strangers. You can download the patched and latest Skype client for Mac here. (download Skype 5.1.0.992

3
SHARES

Solon Harmony Dolor

A passion for technology and journalism makes this upcoming writer very interested in social media and technology news. Fresh from finishing an English and Journalism degree from the University of the Philippines Diliman, he aims to bring interesting news to our readers .

Don't forget to subscribe and receive our latest posts in your inbox.