Skype security flaw already patched, but you have to download manually

There’s a big problem with Skype on the Mac: and no, it’s not its ugly UI (although that is a big problem). As noted by Mashable’s (and former TUAW blogger) Christina Warren, the latest version of Skype for Mac has an unpatched security flaw that that allows a person to gain remote access to another’s machine simply by sending a Skype message. The flaw was discovered last month thanks to the work of researcher Gordon Maddern from the firm Pure Hacking. Maddern contacted Skype, who was reportedly already aware of the vulnerability and working on a fix. They then issued a hotfix for the security hole in a minor update (Skype for Mac version 5.1.0.922) on April 14th. However, responding to the issue in an official blog post today the Skype for Mac team said, “As there were no reports of this vulnerability being exploited in the wild, we did not prompt our users to install this update, as there is another update in the pipeline that will be sent out early next week.” What’s that mean to you as a Skype for Mac user? The cat’s out of the bag, and if someone who has the skills to take advantage of the flaw now knows about it, Skype for Mac users who have not updated to version 5.1.0.922 are theoretically at risk. Don’t wait for the automatic update to Skype next week. Be sure and download the April 14th update right now by clicking here, or simply run Skype on your Mac and choose Skype > Check for Updates.
Now about that UI…

http://www.tuaw.com/2011/05/07/skype-security-flaw-already-patched-but-you-have-to-download-ma/#bXpulseX

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑