FierceWirelessFierceWirelessEuropeFierceDeveloperFierceMobileContentFierceBroadbandWirelessFierceEnterpriseCommunicationsFierceIPTVFierceTelecomFierceOnlineVideoFierceCable

Free Newsletter

About | View Sample | Privacy

Another Skype security flaw in latest Facebook integration reported

August 1, 2011 — 10:19am ET | By
Tools

Looks like the security risks that have been a fixture with Skype continue to cause irritation--and worse--for users, this time lighting up alerts about its latest integration with social networking platform Facebook.

The Register today reports that a security researcher is warning that Skype's latest version upgrade to 5.5 is insecure because JavaScript code in Facebook status messages can now be updated from the client, which isn't filtered, thereby allowing a Skype account to be hijacked. According to reports, a hijacker doesn't even need to be friends with a Facebook member, since the JavaScript code also is executed on fan sites, where everyone has write access.

Skype reportedly is working on a fix.

The VoIP provider two weeks ago fixed a cross-site scripting bug for Windows users that allowed someone to put malicious content onto a web page, allowing victims to be redirected to a website containing a virus or trojan or have pop-ups appear on their screen.

For more:
- see this Register report

Related articles:
Think your calls on Skype are secure? Think again
Mac Skype users open to 'dangerous' bug, but fix is on the way


SHARE
WITH:
Email Twitter Facebook LinkedIn StumbleUpon
Get Your FREE FierceEnterpriseCommunications Email Newsletter:


More stories about Skype   Facebook   Security Vulnerabilities