A security flaw in Skype’s peer-to-peer VoIP software has been closed, thanks to diligent work by a Kiwi security expert. Auckland-based Brett Moore, CTO of Australian, independent security company Security-Assessment.com, uncovered the flaw in Skype’s software. Skype is now advising users to upgrade to its latest version to fix the bug.
Moore says that the type of vulnerability found in Skype is fairly common with applications that interact with internet browsers. “We have previously discovered this type of vulnerability in two separate programs and there are public releases of similar issues in other programs,” he says.
The security flaw manifests itself through the way Skype handles Uniform Resource Identifiers (URIs) that point to names or addresses referring to resources.Read Full Story