If you're using Skype for iOS, you might want to use it less frequently until the next update. News of a vulnerability has been released to the public. Using the technique detailed by the security researcher who discovered the exploit, an attacker could execute Javascript code simply by sending a user a message. With the exploit, any file on the iOS device is up for grabs.
Don't even look at messages from strangers, because the simple act of loading the message will allow your iOS device to be attacked. Remember, Microsoft bought Skype some time ago, and it seems they've continued with their philosophy: if the public doesn't know about a vulnerability, don't fix it.
The exploit was reported to Skype some time ago, but the researcher only came forward to the public about the exploit now. The idea was to give Skype some time to fix it. From the details he posted on the exploit, it doesn't sound like it would be very difficult to fix. In fact, if they dedicate some time to patching the exploit, they could have an update out very shortly. With any luck, now that the attack has gotten public attention a fix for it will be released shortly. Skype doesn't want to make their reputation for poor security any worse.
via CultOfMac
{ 0 komentar... read them below or add one }
Posting Komentar