Menu
Skype to fix wormable bug in Mac software

Skype to fix wormable bug in Mac software

A hotfix for the problem has been available since April 14

Skype plans to push out an important update to its Skype for Mac software next week that will fix a big that could be leveraged by hackers looking to build a self-copying worm program.

Details of the flaw haven't been made public, so it's unlikely that anyone is going to write a worm any time soon. But the bug is serious, according to Gordon Maddern, the Australian security researcher who reported the issue to Skype.

"The long and the short of it is that an attacker needs only to send a victim a message and they can gain remote control of the victims Mac," Maddern wrote in a blog post. "It is extremely wormable and dangerous."

According to Skype, any attack that exploited it would involve sending a maliciously crafted message to someone on the attacker's Skype Contact List. The flaw does not affect Windows or Linux users, Skype Chief Information Security Officer Adrian Asher wrote in a blog post on the issue.

Skype will push out an update to its Skype for Mac software early next week, which means that all Mac OS users should be offered the fix within days.

But security-conscious people can already download a "hotfix" that Skype released on April 14. However, to date, Skype hasn't pushed this patch out to its users. Because "there were no reports of this vulnerability being exploited in the wild, we did not prompt our users to install this update," Asher said.

Mac users who want the fix now can click on Skype --> Check for Updates, or they can download the latest update from Skype's website. Otherwise they'll be prompted to upload the fix early next week.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

Follow Us

Join the ARN newsletter!

Error: Please check your email address.

Tags patchesInternet-based applications and servicesskypeMac OSapplicationssecuritysoftwareoperating systemsinternetApple

Upcoming

Slideshows

IN PICTURES: ARN Roundtable - Connected collaboration: the mobility story

IN PICTURES: ARN Roundtable - Connected collaboration: the mobility story

A select group of key players in the mobility space came together at Est. in Sydney to discuss the major trends, plays, problems and state of the mobility sector. A lively debate criss-crossed the mobility arena as attendees examined its potential. Photos by Editorial Director, Mike Gee

IN PICTURES: ARN Roundtable - Connected collaboration: the mobility story
IN PICTURES: Huawei Australia Roadshow 2015 - Sydney (+32 Pictures)

IN PICTURES: Huawei Australia Roadshow 2015 - Sydney (+32 Pictures)

Huawei Australia held its annual partner roadshow at Sydney's famous Randwick Racecourse. Partners, customers and analysts were all invited to hear from Huawei's experts on the state of the telecommunications industry, its work in the channel, and the future of software-defined, Cloud and 5G Networks. Photos by Allan Swann

IN PICTURES: Huawei Australia Roadshow 2015 - Sydney (+32 Pictures)

iasset.com is a channel management ecosystem that automates all major aspects of the entire sales, marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Show Comments