There’s been a lot in the news recently about the recent zero-day affecting Skype’s Mac client. Specifically, they mention a vulnerability that could cause Skype to crash. Other sources mention an attacker being able to take over a Mac completely in certain situations.
Of course all this fuss was based on the 5.x client. Many of us have chosen to remain with the older 2.8 client due to its more intuitive and Mac-like interface. Unfortunately, I wasn’t able to find much information on if this older client was susceptible as well. The H Security had the same question but as of earlier today Skype remained quiet on the issue.
As a precaution the past few days I only had Skype running when absolutely necessary and was very careful when adding new contacts. Of course all of this worry was not needed as news that the 2.8 client was not vulnerable finally came out. Now, Skype just needs to squash another bug in their 5.x client … the interface. 
No related posts.
Loading ...
Another disclosure (which could be the same 0day) points towards a XSS in the MAC Skype.
http://secniche.blogspot.com/2011/05/skype-im-mac-os-x-is-this-0day.html
@atul: Thanks for the blog post/reference.
Wow, looks like 2.8 has something to worry about after all. I’m guessing Skype isn’t patching the 2.8 branch though.