All the latest UK technology news, reviews and analysis
|
|
|
17 Nov 2004
A critical flaw in Skype's internet telephony software has forced the company to issue an urgent update.
Danish security group Secunia issued an advisory at the start of the week warning that a flaw in versions 1.0.0.95 through 1.0.0.98 of Skype's software is "highly critical".
According to the warning, the flaw means that Skype users visiting a maliciously engineered website could suffer a buffer overflow attack potentially giving remote hackers full rights over compromised PCs.
"The vulnerability is caused due to a boundary error within the handling of command line arguments," said Secunia on its website.
"This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into visiting a malicious website which passes an overly long string (more than 4,096 bytes) to the 'call to:' URL handler."
Skype claims that over 30 million people use its software, which routes voice calls over the internet.
The peer-to-peer technology allows free calls to other internet phones, but can also connect to land lines on a per-minute charging basis.
Latest stories from Telecoms
Related videos
Related articles
Related jobs
Poll
What will be the biggest change to corporate technology in the future?
TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
Recruitment Consultants – IT (City of London - £20-£30k...
C++, SQL, Windows My Client is a prestigious technology...
Java Developer, Java Agile Developer Java, Agile...
Customer Insight Analyst- SAS/ SQL/ SPSS Key Words...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?