May 19, 2006 5:21 PM PDT

Skype bug may expose user data

Related Stories

Skype flaws open computers to attack

October 25, 2005

eBay bets big on Skype

September 13, 2005
Skype Technologies has updated its popular Skype Internet telephony software to fix a security bug that could expose sensitive data.

The flaw could let an attacker construct a Skype hyperlink which, when clicked on by the target, sends a file from the victim's computer to another Skype user, the company said in a security alert published Friday.

Security-monitoring company Secunia deems the issue "moderately critical," right in the middle of its five-tiered rating system. The bug could be exploited by attackers "to bypass certain security restrictions and potentially disclose certain sensitive information," Secunia said in its advisory.

An updated version of Skype, release 2.5.0.82, includes a fix for the flaw and was released Wednesday.

Skype was acquired by online auctioneer eBay last September. More than 100 million people are registered to use the service, according to Skype.

See more CNET content tagged:
Skype, IP telephony, eBay Inc., bug, security

4 comments

Join the conversation!
Add your comment
skype
Just as I start using something really cool, something bad happens. I've been using it since they made it free to call phone numbers :).
______________________________
R.K.
<a class="jive-link-external" href="http://www.Remove-All-Spyware.com" target="_newWindow">http://www.Remove-All-Spyware.com</a>
Posted by Roman12 (214 comments )
Reply Link Flag
Once again, Joris...
The Skype client is offered on several platforms, but only one
platform is affected by this bug. Guess which one it is? (Hint: It
isn't Mac OS X, Linux, or Pocket PC.)

Not identifying the affected platform is another chapter in Mr.
Evers ongoing saga of reporting errors and oversights. For
example, this May 12th article, <a class="jive-link-external" href="http://news.cbsi.com/Apple" target="_newWindow">http://news.cbsi.com/Apple</a>
+flaws+put+both+Macs+and+PCs+at+risk/
2100-1002_3-6071833.html contained multiple errors,
including misquoting Apple's security advisory bulletin.

One again, Mr Evers, I look forward to the day when I don't find
myself having to double-check your articles for accuracy, or,
based on your reporting, waste my time checking websites such
as Skype for security updates that I do not need.
Posted by Terry Murphy (82 comments )
Reply Link Flag
Once again, Joris...
The Skype client is offered on several platforms, but only one
platform is affected by this bug. Guess which one it is? (Hint: It
isn't Mac OS X, Linux, or Pocket PC.)

Not identifying the affected platform is another chapter in Mr.
Evers ongoing saga of reporting errors and oversights. For
example, this May 12th article, <a class="jive-link-external" href="http://news.cbsi.com/Apple" target="_newWindow">http://news.cbsi.com/Apple</a>
+flaws+put+both+Macs+and+PCs+at+risk/
2100-1002_3-6071833.html contained multiple errors,
including misquoting Apple's security advisory bulletin.

One again, Mr Evers, I look forward to the day when I don't find
myself having to double-check your articles for accuracy, or,
based on your reporting, waste my time checking websites such
as Skype for security updates that I do not need.
Posted by Terry Murphy (82 comments )
Reply Link Flag
re: latest Skype release
According to Skype the latest release is:
Official release. Version: 2.0.0.105. Release date: May 15, 2006
File name: SkypeSetup.exe File size: 9.0 MB
Posted by leehooper (1 comment )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.