Microsoft Won't Patch a Severe Skype Vulnerability Anytime Soon
A serious vulnerability has been discovered in Microsoft-owned most popular free web messaging and voice calling service Skyp,It's not because the flaw is unpatchable, but because fixing the vulnerability requires a significant software rewrite, which indicates that the company will need to issue an all-new version of Skype rather than just a patch.
The exploitation of this preferential search order would allow the attacker to hijack the update process by downloading and placing a malicious version of a DLL file into a temporary folder of a Windows PC and renaming it to match a legitimate DLL that can be modified by an unprivileged user without having any special account privileges.
When Skype's update installer tries to find the relevant DLL file, it will find the malicious DLL first, and thereby will install the malicious code.
When Skype's update installer tries to find the relevant DLL file, it will find the malicious DLL first, and thereby will install the malicious code.
Good post
great post.
Upvote and resteem.
thanks for sharing internet security info.
keep it up
helpful information.
go ahead.
Nice and greatfull post...
just awesome
Your post about
""Microsoft Won't Patch a Severe Skype Vulnerability Anytime Soon"" is very good
Nice post
Very good info about microsoft
Very very nice post thanks
it's great news for microsoft users.Thanks zahid.
visit my post.Thanks
@oliviaalexa