Skype security flaw already patched, but you have to download manually
There's a big problem with Skype on the Mac: and no, it's not its ugly UI (although that is a big problem). As noted by Mashable's (and former TUAW blogger) Christina Warren, the latest version of Skype for Mac has an unpatched security flaw that that allows a person to gain remote access to another's machine simply by sending a Skype message. The flaw was discovered last month thanks to the work of researcher Gordon Maddern from the firm Pure Hacking.
Maddern contacted Skype, who was reportedly already aware of the vulnerability and working on a fix. They then issued a hotfix for the security hole in a minor update (Skype for Mac version 5.1.0.922) on April 14th. However, responding to the issue in an official blog post today the Skype for Mac team said, "As there were no reports of this vulnerability being exploited in the wild, we did not prompt our users to install this update, as there is another update in the pipeline that will be sent out early next week."
What's that mean to you as a Skype for Mac user? The cat's out of the bag, and if someone who has the skills to take advantage of the flaw now knows about it, Skype for Mac users who have not updated to version 5.1.0.922 are theoretically at risk. Don't wait for the automatic update to Skype next week. Be sure and download the April 14th update right now by clicking here, or simply run Skype on your Mac and choose Skype > Check for Updates.
Now about that UI...
Share
There's a big problem with Skype on the Mac: and no, it's not its ugly UI (although that is a big problem). As noted by Mashable's...
Add a Comment
Echoing Wim.v's comment - Check for Updates in Skype 5.x has never worked for me. If it wasn't free...
May 07 2011 at 8:22 PM Report abuse Permalink rate up rate down ReplyThe prompt to download a new version (922) came up automatically for me. I updated and installed with no problem.
May 07 2011 at 1:06 PM Report abuse Permalink rate up rate down ReplySame here. They probably have some way to stagger updates so they don't get overloaded like Apple sometimes does when they release osx and ios updates.
May 07 2011 at 11:45 PM Report abuse Permalink rate up rate down ReplyThis is why I regularly read TUAW. It keeps me informed and safe. Keep up the good work!
May 07 2011 at 10:00 AM Report abuse Permalink rate up rate down ReplyI like the way that when you go to the Skype homepage there is a prominent notice informing Mac users that there's a problem and that they should upgrade to the latest version which is linked to on the homepage, or that they can get using 'Check for updates'.
Oh no... hang on, that's what a RESPONSIBLE company would do!
Let's hope that whoever buys Skype later this year will slap some sense into them (and fix this hideous UI).
Do we know if it means anything to us users who reverted to v2.something or other when we were horrified by 5's uselessness?
May 07 2011 at 2:23 AM Report abuse Permalink rate up rate down ReplyThe article says that one possibility to update is to go to Skype / Check for updates, BUT that doesn't work. It simply says that my version is up to date even though I have version 5.1.0.914. Going to the Skype website seems the only certain way to get the update.
May 07 2011 at 2:02 AM Report abuse Permalink rate up rate down ReplyMine did that too. Try running the check again after a few minutes.
May 07 2011 at 10:40 AM Report abuse Permalink rate up rate down ReplySkype should be ashamed of themselves. This is not OK. Period. You should use MacUpdate or equalivent if you have to. Isn't there one called Fresh something?
May 07 2011 at 1:45 AM Report abuse Permalink rate up rate down ReplyAppFresh. Not sure if it would flag this one or not, though... I think the update data is crowdsourced.
May 07 2011 at 12:22 PM Report abuse Permalink rate up rate down ReplyMacUpdate had me updated already ;-)
Now about that UI!!!!!!!
Deals of the Day
more deals- StarCraft II: Wings of Liberty for PC and Mac for $30 + pickup at Best Buy
- Apple iPhone 4 8GB for Verizon, AT&T, or Sprint for $50 + pickup at Best Buy
- Unlocked iPhone 4S 16GB for GSM (AT&T, T-Mobile) for $619 + free shipping
- Apple iMac Core i7 Quad 3.4GHz 27" w/ 24GB RAM, 2TB HDD for $2,677 + $29 s&h
- Used Apple Magic Mouse for $36 + $4 s&h
- 9-Piece iPhone Bundle, includes 1,900mAh battery for $8 + free shipping
Software Updates
more updatesFeatured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.
15 Comments