A major bug is forcing Microsoft to rebuild Skype for Windows

Skype has fallen foul of a security flaw that can allow attackers to gain system-level privileges to vulnerable computers, Microsoft has confirmed. However, the company won’t immediately fix the issue because doing so would require a complete code overhaul. The bug was discovered by security researcher Stefan Kanthak, who says the Skype update can be nefariously tweaked to trick an application into drawing incorrect code instead of the right library. This would let a hacker download malicious code and put it into a user-accessible temporary folder, renaming it to an existing DLL that could be modified by anyone without system privileges. According to Kanthak, once system access is granted, an attacker “can do anything”. However, the hacker would require physical access to the computer to do this.

Engadget稿源:Engadget (源链) | 关于 | 阅读提示

本站遵循[CC BY-NC-SA 4.0]。如您有版权、意见投诉等问题,请通过eMail联系我们处理。
酷辣虫 » 移动互联 » A major bug is forcing Microsoft to rebuild Skype for Windows

喜欢 (0)or分享给?

专业 x 专注 x 聚合 x 分享 CC BY-NC-SA 4.0

使用声明 | 英豪名录