An alert icon

Update Skype to Limit Vulnerability

On June 26, it was announced by Vulnerability Labs found a weakness in the Microsoft Windows version of the Skype desktop version. They have prepared an overview that can be found at their online magazine. The issue has been fixed by Microsoft. Vulnerability Lab informed Microsoft about the issue on May 16, they did not widely release the information unit a fix was available. Microsoft was able to address the issue in version 7.37 of the Skype software

Why does this matter to the AV Industry?

The exploit would have allowed someone to remotely execute malicious code. After running the bad code one can have full control of the computer. It is important to tell your clients to update to the latest version. This issue illustrates a software based personal computer based conferencing application is typically not as secure as a hardware based solution.

Using a soft codec instead of a hardware based solution can easily create a security risk.  Microsoft has a list of hardware that is certified to work with Skype for Business or Lync on their website.

Leave a Comment