Skype security flaw already patched, but you have to download manually
There's a big problem with Skype on the Mac: and no, it's not its ugly UI (although that is a big problem). As noted by Mashable's (and former TUAW blogger) Christina Warren, the latest version of Skype for Mac has an unpatched security flaw that that allows a person to gain remote access to another's machine simply by sending a Skype message. The flaw was discovered last month thanks to the work of researcher Gordon Maddern from the firm Pure Hacking.
Maddern contacted Skype, who was reportedly already aware of the vulnerability and working on a fix. They then issued a hotfix for the security hole in a minor update (Skype for Mac version 220.127.116.112) on April 14th. However, responding to the issue in an official blog post today the Skype for Mac team said, "As there were no reports of this vulnerability being exploited in the wild, we did not prompt our users to install this update, as there is another update in the pipeline that will be sent out early next week."
What's that mean to you as a Skype for Mac user? The cat's out of the bag, and if someone who has the skills to take advantage of the flaw now knows about it, Skype for Mac users who have not updated to version 18.104.22.1682 are theoretically at risk. Don't wait for the automatic update to Skype next week. Be sure and download the April 14th update right now by clicking here, or simply run Skype on your Mac and choose Skype > Check for Updates.
Now about that UI...
Subscribe to Newsletter
Software Updatesmore updates
- Ember for Mac gains 'hugely-requested' screen recording feature
- Spotify update adds equalizer, refreshed Artist page and more
- Fantastical 2.1 for iOS adds new snooze, search and notification features
- ExpanDrive 4, more services and faster sync
- Apple adds iTunes Extras to Apple TV
- Spotify updates with new iPhone controls in time for summer BBQs