Categories: Technology

Skype bug could give hackers full control of PC, but Microsoft will not fix it right away

Microsoft has had a bad time last month after the potential threat linked to Spectre and Meltdown, affecting almost all major chip makers including Intel, AMD, and ARM was uncovered. Microsoft issued an update to resolve it but that also went wrong, wrecking some AMD-powered PCs. And now, the software giant is looking forward to resolving another major security flaw in Skype for Windows but it needs more time for that.

Recently, a security researcher Stefan Kanthak has discovered a bug which may cause a Skype update into loading malicious code instead of the right library. The hacker would simply need to put a fake DLL into a user-accessible temporary folder, with the name of an existing DLL that could be modified by anyone without system access. As of now, Microsoft has confirmed that Skype is currently experiencing a security flaw that can endow attackers with system-level access.

However, Microsoft will not immediately fix the issue because doing so would require a complete code revamping. The bug is attributed to the Skype automatic update function which can be altered to trick the application into allocating permissions by inserting incorrect code. According to Kanthak,

“They’ve reviewed the code and were able to reproduce the issue, but have determined that the fix will be implemented in a newer version of the product rather than a security update.”

It appears that Microsoft will not be issuing a security update instead Skype will undergo a major revision later in which the bug will get fixed. According to an official statement by the company,

“We have a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible. Our standard policy is that on issues of low risk, we remediate that risk via our Update Tuesday schedule.”

It must be noted that the security flaw is only limited to the full Skype program on the desktop, meaning users of the Universal Windows Platform (UWP) application will face no issues.

Sponsored
Sajeel Syed

I am a writer at TechJuice, overseeing IT, Telecom, Cryptocurrency, and other tech-related features here. When I'm not working, I spend some of my time with good old Xbox 360 and the rest in social activism. Follow me on Twitter: https://twitter.com/sajeelshamsi

Share
Published by
Sajeel Syed

Recent Posts

Garena Free Fire India Launch Rumors: What Fans Need to Know

Reports suggest that Garena Free Fire is set to make a much-anticipated return to India.…

15 hours ago

Albania Bans TikTok for One Year: Here’s the Reason!

The Albanian government has announced a ban on the social media platform TikTok for a…

18 hours ago

Google Pixel 9 Pro vs. 8 Pro: Biggest Upgrades Compared

The launch of Google’s latest Pixel lineup brings an exciting chance to compare the new…

20 hours ago

Azad Kashmir to Host Pakistan’s First Women-Centric Software Technology Park

ISLAMABAD: In February next year, Pakistan is set to launch its first women-focused software technology…

21 hours ago

HEC Reveals Law Admission Test Date for LLB Students

The Law Admission Test (LAT) has been announced by the Higher Education Commission (HEC) of…

22 hours ago

Meta’s WhatsApp to Release New Playback Speed Feature for Videos

Meta's WhatsApp is rolling out a new playback speed feature, allowing users to adjust video…

1 day ago