A security flaw in Skype can allow an attacker to gain system-level privileges in PCs

A new security vulnerability in Skype for Windows desktop was revealed yesterday. Skype desktop app comes with its own updater tool that periodically runs to keep the Skype app up to date. When an update is available, Updater tool copies/extracts another executable as “%SystemRoot%TempSKY.tmp” and executes it using the command line

“%SystemRoot%TempSKY.tmp” /QUIET. A security researcher has found that this executable is vulnerable to DLL hijacking.

It loads at least UXTheme.dll from its application directory %SystemRoot%Temp instead from Windows’ system directory. An unprivileged (local) user who is able to place UXTheme.dll or any of the other DLLs loaded by the vulnerable executable in %SystemRoot%Temp gains escalation of privilege to the SYSTEM account.

This vulnerability was report to Microsoft and Microsoft’s response is quite sad. Microsoft is not planning to update the Skype Updater tool, instead they will release this fix in a newer version of Skype app.

The team is planning on shipping a newer version of the client, and this current version will slowly be deprecated.

As the current Skype app would need a large code revision to prevent the above described DLL injection, Microsoft has decided not to fix it. However, Microsoft mentioned that all the resources have been put toward development of the new client. Skype UWP app is not affected by this vulnerability.

WMPoweruser稿源:WMPoweruser (源链) | 关于 | 阅读提示

本站遵循[CC BY-NC-SA 4.0]。如您有版权、意见投诉等问题,请通过eMail联系我们处理。
酷辣虫 » 科技动态 » A security flaw in Skype can allow an attacker to gain system-level privileges in PCs

喜欢 (0)or分享给?

专业 x 专注 x 聚合 x 分享 CC BY-NC-SA 4.0

使用声明 | 英豪名录