Skype to fix wormable bug in Mac software

A hotfix for the problem has been available since April 14

Robert McMillan (IDG News Service)
07 May, 2011 09:36
Comments

Skype plans to push out an important update to its Skype for Mac software next week that will fix a big that could be leveraged by hackers looking to build a self-copying worm program.

Details of the flaw haven't been made public, so it's unlikely that anyone is going to write a worm any time soon. But the bug is serious, according to Gordon Maddern, the Australian security researcher who reported the issue to Skype.

"The long and the short of it is that an attacker needs only to send a victim a message and they can gain remote control of the victims Mac," Maddern wrote in a blog post. "It is extremely wormable and dangerous."

According to Skype, any attack that exploited it would involve sending a maliciously crafted message to someone on the attacker's Skype Contact List. The flaw does not affect Windows or Linux users, Skype Chief Information Security Officer Adrian Asher wrote in a blog post on the issue.

Skype will push out an update to its Skype for Mac software early next week, which means that all Mac OS users should be offered the fix within days.

But security-conscious people can already download a "hotfix" that Skype released on April 14. However, to date, Skype hasn't pushed this patch out to its users. Because "there were no reports of this vulnerability being exploited in the wild, we did not prompt our users to install this update," Asher said.

Mac users who want the fix now can click on Skype --> Check for Updates, or they can download the latest update from Skype's website. Otherwise they'll be prompted to upload the fix early next week.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

Nominations for the 2012 ARN IT Industry Awards open on Tuesday, June 12.

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email ARN
Follow ARN on twitter

More about: IDG, Linux, Pure, Pure Hacking, Skype

References show all

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Coverage

Related Whitepapers

Latest Stories

Community Comments

"Slt peut tu expliquer comment intaller ou mettre en place le mteur ..."

Italian mathematician prepares to challenge Google
""Amsellem said Facebook, flush with cash from its recent IPO, could purchase ..."

Facebook could buy Nokia to build 'FacePhone', expert claims
"Anxiety is a normal part of life but when it becomes excessive ..."

It's not all Doom at new media conference
"This article touches on some of the points of Cloud security. Seems ..."

Tech Watch: Who watches the datacentre?
"I would assume being more exposed to the outside elements during a ..."

Facebook scammers host Trojan horse extensions on the Chrome Web Store

Tags: Apple, applications, internet, Internet-based applications and services, Mac OS, operating systems, patches, security, Skype, software

ARN Directory | Distributors relevant to this article

Multimedia Technology

Most Read

Get exclusive access to ARN's news, research and invitation only events.

Latest Jobs

FTSales Account ManagerNSW
CCSAP FICO ConsultantNT
FTSales Account ManagerNSW
CCOBIEE ConsultantWA
CCSAP PM ConsultantNSW
FTQM Trainer and ConsultantNSW
FTIT Account Manager - System Integrator - Career Progression - Start ImmediatelyNSW
FTSAP Basis ConsultantNSW
FTSAP Basis ConsultantACT
FTChange Management ProfessionalsNSW
CCAPAC Campaign ManagerNSW

Most Commented

ARN Distributor Directory

Find distributors by name | vendor | location

Channel Deals

/deals/avg/349_protect-your-android-phones-with-avg

AVG (AU/NZ) Pty Ltd

Protect your Android Phones with AVG Mobilation

More details »

ARN Vendor Directory

Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Featured Resources

Aberdeen Group: Building Business Resilience Through Active Archive

One of the key data management challenges organizations often face is how to keep their archived data accessible and active, without spending the time and resources associated with primary storage. The amount of data in the archives can range from one half to 10 times the amount of data actively managed in primary storage. How can end-users gain access to historical files in a reasonable amount of time without pulling IT employees from higher priority projects? Aberdeen's research found the answer in the technologies and processes that comprise active archiving.

Most Popular Resource Papers

Market Potential-Strategy Guide to the Active Archive Market

The active archive market is a growing segment where tape is seen as part of a disk or network fileystem. This means that to an end user disk and tape are “blended” and whether file is held on disk or tape is “invisible” to the end user. The active archive market is the fastest growing space in the storage industry and allows direct end user access to tape through a file system front end.

Popular tags: Business Management, Security, Data Centre, Storage, Master Data Management