Skype has released a new version of its Internet telephony and video conferencing software for Mac OS X. Version 220.127.116.115 of Skype for Mac patches a bug discovered by Gordon Maddern, an Australian security researcher with Pure Hacking.
The vulnerability, which did not affect Windows and Linux versions of Skype, allowed an attacker to take control of a Mac by sending a message to the victim. In a 6 May blog entry, Gordon Maddern, wrote that he was able use "metasploit and meterpreter as a payload" — "Low and behold I was able to remotely gain a shell" on the recipient's computer. Maddern has confirmed that Skype 18.104.22.1685 is not vulnerable to the attack.
A 9 May entry on the official Skype blog recommends Mac users upgrade to the new version, which according to Skype also resolves an issue with video freezing in high-packet loss networks and fixes a number of minor bugs.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.