Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    Skype has yesterday released a security bulletin to deal with a cross-zone scripting vulnerability. Security Bulletin SKYPE-SB/2008-001 addresses the said vulnerability in Skype, which may allow a remote and unauthenticated malicious user to execute arbitrary codes on an affected system.

    Skype’s “add video to mood” and “add video to chat” functions were seen as possible areas that attackers could exploit to execute malicious codes on target systems. Because Skype uses Internet Explorer web control to render HTML content, browsing through Skype’s video gallery section and watching videos with arbitrary codes trigger the vulnerability; watching videos in a chat or in a mood message, however, does not.

    As of the moment, Skype has rendered inoperative adding videos from the video-hosting service Web site Dailymotion gallery until an official fix has been made available.

    Trend Micro advises users of this software to download the necessary patches to fix any vulnerability once they are available from Skype.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice