Mac Skype users open to 'dangerous' bug, but fix is on the way

Mac owners who use Skype should soon have a patch available to cover a hole in the VoIP software that leaves them open to hackers looking to gain remote control of their machines.

"The long and the short of it is that an attacker needs only to send a victim a message, and they can gain remote control of the victim's Mac," Gordon Maddern of Australian security consultancy Pure Hacking blogged on Friday. "It is extremely wormable and dangerous."

For its part, Skype said they had been contacted by Pure Hacking last month, but that they already were working on a fix.

"At the time they alerted us, we were already aware of the issue and were working on a fix to protect Skype users from this vulnerability, as we take our users' security very seriously," said Skype spokesman Adrian Asher. "We subsequently released a hotfix for this problem in a minor update (Skype for Mac version 5.1.0.922) on April 14th. As there were no reports of this vulnerability being exploited in the wild, we did not prompt our users to install this update, as there is another update in the pipeline that will be sent out early next week."

For more:
- see this PC World article

Related articles:
Skype patches Android app, reports no security breaches
Skype admits to security vulnerabilities in Android app
Skype responds to security breach