Don't attack people!
Don't respond to the Anti-Apple Thread Trolls!
PLEASE IGNORE THEM!!!
Apple Security Alert Ping!
If you want on or off the Mac Ping List, Freepmail me.
If you want on or off the Mac Ping List, Freepmail me.
The update says:
“...a hotfix for the vulnerability was released in mid April.
‘As there were no reports of this vulnerability being exploited in the wild, we did not prompt our users to install this update, as there is another update in the pipeline that will be sent out early next week,’ Skype’s Adrian Asher wrote.
He added:
This vulnerability, which they blogged about earlier today, is related to a situation when a malicious contact would send a specifically crafted message that could cause Skype for Mac to crash. Note, this message would have to come from someone already in your Skype Contact List, as Skype’s default privacy settings will not let you receive messages from people that you have not already authorized, hence the term malicious contact.”
All I can find - that it messes up skype on the “affected computer”? So - “self-propagating” means that a user has to manually send it to another user? I guess I don’t understand...
Also - this is a problem with Skype’s code, not Apple’s... Yes?
Well that sucks, I just loaded it to see my grandsons who are in Germany with their dad who is stationed there.
Unless I'm missing something, shell access (SSH) would have to have been previously enabled on the target Mac.
Well, the vermin are beginning to crawl out of the woodwork at last. As they say, it is not at all the beginning of the end, but it is the end of the beginning. Macs are now officially a target species. Hurrah! (It is a milestone of sorts, eh?)
From TFA:
> Maddern didn't say what interaction is required on the part of the victim, and he didn't immediately respond to an email seeking clarification.I'll be interested to learn if it circumvents the usual Mother-may-I prompts for administrative access password.
Now, let's see.... I use Skype all day, every day, on both Mac OS-X and Windows 7, and occasionally on my iPod Touch. I cannot function at work without Skype these days, because a few hundred people contact me on skype every week, and won't or can't use other means (email, phone).
And naturally, I'm up-to-date on Skype releases, so I'm using Version 5 everywhere.
Drat. Damned vermin.
So what gets sent, really? I read this:
> ...sending a specially manipulated attachment in an instant message...Do they mean dropping a file into the chat? I do that occasionally; people do that occasionally to me. But I never chat, much less accept files from, unknown people. I suppose someone could manage to masquerade as a user I know...
Yeeeechhhh!
Well, Skype will patch the bug, and Apple will close the hole, and all will be well until the next one...
>> It remotely gives shell access.
Impressive access for a chat client. What else can it do?
Hey now.