230746 skype logo

Earlier today, security researcher Gordon Maddern of Pure Hacking reported on a security vulnerability he accidentally discovered in Skype's software for Mac OS X, a vulnerability that he said he disclosed to the company a month ago and had yet to be patched.

I notified them on the security vulnerabilitity and I was given the standard:

"Thank you for showing an interest in skype security, we are aware of this issue and will be addressing it in the next hotfix"

That was over a month ago and there still has not been a fix released. The long and the short of it is that an attacker needs only to send a victim a message and they can gain remote control of the victims Mac. It is extremely wormable and dangerous.

Skype quickly responded on its security blog, noting that the company was already aware of the issue by the time Maddern reported it and had in fact issued a fix for it as part of a minor update to Skype for Mac released on April 14th. But because exploits for the vulnerability had not been reported in the wild, the company opted not to prompt existing users to apply the update.

Skype says that another update for the company's Mac software is set to launch early next week, and users will be prompted to update at that time. But in the meantime, Skype does recommend that users aware of the issue simply manually check for updates to get the current patched version.

This new update will include some additional updates and bug fixes. When it is released, we will notify all Skype for Mac users of the need to update their software (the client will prompt the user to update). In the meantime, we recommend you update your software with the fix made available on April 14th, just click on Skype -> Check for Updates or you can download the software here.

The vulnerability affects only the Mac OS X version of Skype, and thus clients for other platforms such as Windows and Linux will not require an update.

Top Rated Comments

locust76 Avatar
140 months ago
skype is disgusting!

I heard they record conversations with out users knowing, as well as locations and access other info, whats really disgusting is the fact that everyone is collecting information becuase they can use it against innocent people!

Put your tinfoil hat away, there's no proof or motive of this. Besides, Skype is Peer to Peer, which means recording a conversation is next to impossible, because it doesn't go through a central server. If Skype clients were uploading recordings, people would notice.
Score: 3 Votes (Like | Disagree)
netnothing Avatar
140 months ago
It's on Page 2: Security Vulnerability Discovered in Skype for Mac, Latest Update Includes Patch (https://www.macrumors.com/2011/05/06/security-vulnerability-discovered-in-skype-for-mac-latest-update-includes-patch/)

Yeah we know "where" it is. He's saying it should be front and center on Page 1.

But I guess security stories aren't as important as a new ambient light sensor.

-Kevin
Score: 2 Votes (Like | Disagree)
ciTiger Avatar
140 months ago
Don't use skype that much atm but i really hope they improve the interface soon :p
Score: 2 Votes (Like | Disagree)
jdavtz Avatar
140 months ago
so does anyone know if the vulnerability is in 2.8 or only in 5?

also -- apple has a role here: "control of victim's mac" shouldn't be possible without at least a password prompt


A possible workaround I suppose would be: allow chats from - only people in my contact list
Score: 2 Votes (Like | Disagree)
techpr Avatar
140 months ago
So I'm now forced to upgrade from 2.8.good.ui to 5.1.trash.ui ?
Score: 2 Votes (Like | Disagree)
bmb012 Avatar
140 months ago
Why would anyone ever install Skype 5 over 2.8? :eek:

I do wish they'd fix their stupid hideous software :(
Score: 2 Votes (Like | Disagree)

Popular Stories

Upcoming Products 2022 Feature

Gurman: Apple Preparing 'Widest Array of New Hardware Products in Its History' for Fall

Sunday January 23, 2022 10:32 am PST by
Apple is working on a number of new products that are set to launch this fall, and Bloomberg's Mark Gurman says that it will be "the widest array" of new devices that Apple has introduced in its history. In his latest "Power On" newsletter, Gurman explains that Apple is working on four new flagship iPhones (iPhone 14, iPhone 14 Max, iPhone 14 Pro, and iPhone 14 Pro Max), an updated low-end Ma...
Questionable Design Decisions

Apple's Most Questionable Design Decisions in Recent Memory

Sunday January 23, 2022 2:59 am PST by
Apple has always emphasized the depth of thought that goes into the design of its products. In the foreword to Designed by Apple in California, a photo book released by the company in 2016, Jony Ive explains how Apple strives "to define objects that appear effortless" and "so simple, coherent and inevitable that there could be no rational alternative." But every once in a while even Apple...
macbook pro 14 16 2021

Three Months After Launch, Apple Still Struggling to Meet Demand for Redesigned 14-Inch and 16-Inch MacBook Pro

Monday January 24, 2022 7:12 am PST by
Three months after their launch, the 14-inch and 16-inch MacBook Pros continue to experience high demand and seemingly short supply, with shipping dates for both models stretching into multiple weeks in several of Apple's key markets. In the United States, the baseline 14-inch MacBook Pro with the M1 Pro chip is estimated to ship in three to four weeks, promising an arrival by at least...
att gigabit internet

AT&T Bringing $180/Month 5-Gigabit Internet to 70 Cities

Monday January 24, 2022 9:20 am PST by
AT&T today announced the launch of upgraded AT&T Fiber plans, which support speeds of up to 5 Gigabits for some customers. There are two separate plans, one "2 GIG" plan and one "5 GIG" plan, available to new and existing AT&T Fiber subscribers. According to AT&T, the new plans are available to nearly 5.2 million customers across 70 metro areas including Los Angeles, Atlanta, Chicago, San...
airpodsinear 1

AirPods Save Woman's Life With Feature Everyone Should Know

Friday January 21, 2022 2:13 am PST by
Apple's AirPods have been credited with saving a woman's life after a potentially fatal fall, People reports. When a 60-year-old florist in New Jersey tripped and hit her head in her studio, she lost consciousness and awoke heavily bleeding. With nobody around to call for help, she realized she had her AirPods in, and used a "Hey Siri" command to call 911. An operator was able to stay on the ...
AirPods Pro Gen 3 Mock Feature ugly yellow

AirPods Pro 2 Could Beat AirPods Max Sound Quality

Monday January 24, 2022 2:15 am PST by
Apple's second-generation AirPods Pro could deliver higher fidelity audio than the AirPods Max over-ear headphones, despite being comparatively small in-ear buds, recent reports have suggested. In a recent note to investors, seen by MacRumors, TF International Securities analyst Ming-Chi Kuo claimed that the second-generation AirPods Pro will offer improved audio quality thanks to support...
iCloud General Feature

Developers Unhappy With Bug Causing iCloud Unreliability

Monday January 24, 2022 10:15 am PST by
A number of developers are upset with an increasingly problematic iCloud server issue that is causing some apps that have implemented iCloud support to fail to sync properly. As outlined on the Developer Forums and on Twitter, there are CloudKit connectivity issues that have been occurring since November. Some users of apps that have iCloud support built in are seeing the following message:...
top stories 2022jan22

Top Stories: Spring Apple Event Rumors, Apple Opposes Sideloading, and More

Saturday January 22, 2022 6:00 am PST by
As we roll into the latter half of January, we're starting to hear more about a potential spring Apple event, which is likely to take place in March or April. There are a number of potential announcements on deck, so an event would be a good opportunity for Apple to get them all out there. We've also been going back and forth on some iPhone 14 rumors, and we've taken a look at a number of...