Users looking for a more in-depth explanation can refer to Mejri’s detailed write-up here. Thus, the vulnerability can be exploited by the transmission of malicious files via the clipboard. Mejri explains the nature of the vulnerability, stating that it lends itself to a lack of “secure limitations or restrictions” within the Skype’s clipboard function.
From there, the attackers could potentially execute further exploits. Essentially, the vulnerability allows attackers to crash the program by causing a stack overflow error. The vulnerability was discovered within a team conference call on Skype Web, and is said to affect Skype versions 7.2, 7.35, and 7.36 on Windows XP, Windows 7, and Windows 8. Thus, when Benjamin Kunz-Mejri, a security researcher at Vulnerability Lab, reported his findings of a bug that allows potential attackers to exploit security vulnerabilities within the programming, there was cause for concern. When such a massive platform has a security flaw exposed, the implications are far-reaching. In fact, approximately 35% of small businesses are said to use Skype as their primary communication service. With a reported user base in the tens of millions, the ubiquity of the platform should not be understated.
Skype, the widely popular chat and calling service acquired by Microsoft in 2011, is likely a program you have installed on your computer.
0 kommentar(er)
