Security Vulnerability Discovered in Skype for Mac, Latest Update Includes Patch - MacRumors
Skip to Content

Security Vulnerability Discovered in Skype for Mac, Latest Update Includes Patch

by

230746 skype logo

Earlier today, security researcher Gordon Maddern of Pure Hacking reported on a security vulnerability he accidentally discovered in Skype's software for Mac OS X, a vulnerability that he said he disclosed to the company a month ago and had yet to be patched.

I notified them on the security vulnerabilitity and I was given the standard:

"Thank you for showing an interest in skype security, we are aware of this issue and will be addressing it in the next hotfix"

That was over a month ago and there still has not been a fix released. The long and the short of it is that an attacker needs only to send a victim a message and they can gain remote control of the victims Mac. It is extremely wormable and dangerous.

Skype quickly responded on its security blog, noting that the company was already aware of the issue by the time Maddern reported it and had in fact issued a fix for it as part of a minor update to Skype for Mac released on April 14th. But because exploits for the vulnerability had not been reported in the wild, the company opted not to prompt existing users to apply the update.

Skype says that another update for the company's Mac software is set to launch early next week, and users will be prompted to update at that time. But in the meantime, Skype does recommend that users aware of the issue simply manually check for updates to get the current patched version.

This new update will include some additional updates and bug fixes. When it is released, we will notify all Skype for Mac users of the need to update their software (the client will prompt the user to update). In the meantime, we recommend you update your software with the fix made available on April 14th, just click on Skype -> Check for Updates or you can download the software here.

The vulnerability affects only the Mac OS X version of Skype, and thus clients for other platforms such as Windows and Linux will not require an update.

Top Rated Comments

L
locust76
197 months ago
skype is disgusting!

I heard they record conversations with out users knowing, as well as locations and access other info, whats really disgusting is the fact that everyone is collecting information becuase they can use it against innocent people!

Put your tinfoil hat away, there's no proof or motive of this. Besides, Skype is Peer to Peer, which means recording a conversation is next to impossible, because it doesn't go through a central server. If Skype clients were uploading recordings, people would notice.
Score: 3 Votes (Like | Disagree)
netnothing Avatar
netnothing
197 months ago
It's on Page 2: Security Vulnerability Discovered in Skype for Mac, Latest Update Includes Patch (https://www.macrumors.com/2011/05/06/security-vulnerability-discovered-in-skype-for-mac-latest-update-includes-patch/)

Yeah we know "where" it is. He's saying it should be front and center on Page 1.

But I guess security stories aren't as important as a new ambient light sensor.

-Kevin
Score: 2 Votes (Like | Disagree)
ciTiger Avatar
ciTiger
197 months ago
Don't use skype that much atm but i really hope they improve the interface soon :p
Score: 2 Votes (Like | Disagree)
J
jdavtz
197 months ago
so does anyone know if the vulnerability is in 2.8 or only in 5?

also -- apple has a role here: "control of victim's mac" shouldn't be possible without at least a password prompt


A possible workaround I suppose would be: allow chats from - only people in my contact list
Score: 2 Votes (Like | Disagree)
techpr Avatar
techpr
197 months ago
So I'm now forced to upgrade from 2.8.good.ui to 5.1.trash.ui ?
Score: 2 Votes (Like | Disagree)
B
bmb012
197 months ago
Why would anyone ever install Skype 5 over 2.8? :eek:

I do wish they'd fix their stupid hideous software :(
Score: 2 Votes (Like | Disagree)
Read All Comments

Popular Stories

WWDC26 MR Live Coverage Article

WWDC 2026 Apple Event Live Keynote Coverage: iOS 27, Revamped Siri, and More

Monday June 8, 2026 9:15 am PDT by
Apple's Worldwide Developers Conference (WWDC) starts today with the traditional keynote kicking things off at 10:00 a.m. Pacific Time. MacRumors is on hand for the event and we'll be sharing details and our thoughts throughout the day. We're expecting to see a number of software-related announcements today, headlined by a reset on Apple's push into AI that should see a significant overhaul...
Read Full Article1078 comments
macOS Golden Gate Mac

Apple Announces macOS 27 Golden Gate With New Siri and 'Tons' of Refinements

Monday June 8, 2026 10:19 am PDT by
Apple today announced that macOS 27 is named macOS Golden Gate. Much like Mac OS X Snow Leopard in 2009, Apple said it focused on improving macOS's performance and dozens of underlying technologies this year. Apple says macOS Golden Gate offers quicker AirDrop transfers, faster network file browsing, improved syncing in the Messages app, better Spotlight search suggestions, and other...
Read Full Article122 comments
apple intelligence architecture

Apple Reveals New AI Architecture Built Around Google Gemini Models

Monday June 8, 2026 10:38 am PDT by
Apple today announced a major overhaul of its Apple Intelligence platform, revealing a new architecture built on foundation models developed in collaboration with Google using the technologies behind the Gemini family. The new architecture centers on Apple Foundation Models co-developed with Google, which Apple says are adapted to run both on-device and on servers through its existing...
Read Full Article40 comments