Skype Mac vulnerability patched
- 10 May, 2011 12:14
- Comments
Skype has released a new version of its Internet telephony and video conferencing software for Mac OS X. Version 5.1.0.935 of Skype for Mac patches a bug discovered by Gordon Maddern, an Australian security researcher with Pure Hacking.
The vulnerability, which did not affect Windows and Linux versions of Skype, allowed an attacker to take control of a Mac by sending a message to the victim. In a 6 May blog entry, Gordon Maddern, wrote that he was able use "metasploit and meterpreter as a payload" — "Low and behold I was able to remotely gain a shell" on the recipient's computer. Maddern has confirmed that Skype 5.1.0.935 is not vulnerable to the attack.
A 9 May entry on the official Skype blog recommends Mac users upgrade to the new version, which according to Skype also resolves an issue with video freezing in high-packet loss networks and fixes a number of minor bugs.
Recommended
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Bookmark this page
- Share this article
- Got more on this story? Email CIO
- Follow CIO on twitter
- In Control at Layer 2: A Tectonic Shift in Network Security
- Moving to a Private Cloud? Infrastructure Really Matters!
- Definitive Guide to Next-Generation Threat Protection
- Putting Web Threat Protection and Content Filtering in the Cloud
- Trend Micro Endpoint Comparative Report Performed by AV-Test.org
-
CIOs struggle to deliver timely mobile business apps: survey
-
Spiceworks' free management software gets integrated MDM
-
Opinion: Why national e-health is not for everyone
-
Opinion: Why national e-health is not for everyone
-
Opinion: Why national e-health is not for everyone
-
Accelerate Cloud and Composite Application Delivery
Are your requirements the need for faster release cycles, you have reduced budgets required to run and manage a complex test environment, and you want to decrease your third party expenses? HP Service Virtualisation, designed to enable your teams to create, develop and test against virtual services that simulate real service behaviour with no constraints, available anytime. -
Detecting APT Activity with Network Traffic Analysis
Today’s successful targeted attacks use a combination of social engineering, malware, and backdoor activities. This research paper will discuss how advanced detection techniques can be used to identify malware command-and control (C&C) communications related to these attacks, illustrating how even the most high-profile and successful attacks of the past few years could have been discovered. -
Batten Down the Hatches! A Guide to Protecting Data in Motion
The risks facing high-speed data networks and unencrypted data while in motion are very real and on the rise. As information becomes one of the most valuable ‘off balance sheet’ assets, protection of that information and the investment in it is a paramount obligation of office-holders and management. Read now for a better understanding of the risks to data in motion.
Get exclusive access to Invitation only events CIO, reports & analysis. 
