October 3, 2006 4:38 PM PDT

Security hole plugged in Skype for Mac

Skype on Tuesday issued an update that fixes a serious security flaw in its Internet telephony software for Apple Computer's Mac OS X.

A vulnerability exists in the way Skype for Mac handles Web links, according to a Skype advisory. An attacker could construct a malformed Skype link which, when clicked on, can cause the application to crash or allow a system to be compromised.

"A user of Skype for Mac who follows a specially crafted URL may experience a crash of the Skype software and possibly may execute arbitrary code without consent," the company said in its advisory. The Net telephony provider, part of online auction giant eBay, deems the issue "high" risk.

A miscreant could publish a malformed Skype link on a Web site, for example, and try to trick someone into following it, the company said.

The vulnerability exists in Skype for Mac releases prior to and including 1.5.*.79. It has been fixed in release 1.5.*.80 or later, which was available for download on the Skype Web site on Tuesday.

See more CNET content tagged:
Skype, IP telephony, Apple Macintosh, Apple Computer, security


Join the conversation!
Add your comment
Please Clarify
This is an application that is causing the issue?
Posted by Seaspray0 (9714 comments )
Reply Link Flag
No need to clarify
It's already stated multiple times throughout the article as well as the headline. The application is called "Skype", and it's a sign of growing popularity that it begins to get examined for security holes.

Any and all complex network applications (as well as operating systems) have plenty of security vulnerabilities in them, however it's just not worth anyone's time to go looking for any if the user base isn't large enough to yield enough successful hits.
Posted by KTLA_knew (385 comments )
Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.