A security flaw in Skype can allow an attacker to gain system-level privileges in PCs

移动互联 2018-02-14

A new security vulnerability in Skype for Windows desktop was revealed yesterday. Skype desktop app comes with its own updater tool that periodically runs to keep the Skype app up to date. When an update is available, Updater tool copies/extracts another executable as “%SystemRoot%TempSKY.tmp” and executes it using the command line

“%SystemRoot%TempSKY.tmp” /QUIET. A security researcher has found that this executable is vulnerable to DLL hijacking.

It loads at least UXTheme.dll from its application directory %SystemRoot%Temp instead from Windows’ system directory. An unprivileged (local) user who is able to place UXTheme.dll or any of the other DLLs loaded by the vulnerable executable in %SystemRoot%Temp gains escalation of privilege to the SYSTEM account.

This vulnerability was report to Microsoft and Microsoft’s response is quite sad. Microsoft is not planning to update the Skype Updater tool, instead they will release this fix in a newer version of Skype app.

The team is planning on shipping a newer version of the client, and this current version will slowly be deprecated.

As the current Skype app would need a large code revision to prevent the above described DLL injection, Microsoft has decided not to fix it. However, Microsoft mentioned that all the resources have been put toward development of the new client. Skype UWP app is not affected by this vulnerability.

WMPoweruser

责编内容by:WMPoweruser (源链)。感谢您的支持!

您可能感兴趣的

Does Software Quality Equal Software Security? It ... Software quality and security assurance both concern risk to the organization, but they do so for different reasons. Risk might be mission cri...
ITPro SnapShot: What Else Happened This Week? (Nov... There's a lot of product announcements every week -- and sooner or later, something gets announced that you'll want to know. Every Friday, we'll conne...
Microsoft will now pay up to $250,000 for Windows ... Microsoft is launching a new Windows Bounty Program today, designed to expand its existingsecurity bug bounty programs. While the software giant has ...
Samsung Bug Bounty Program Samsung Bug Bounty Program Written by Lucy Black Thursday, 14 September 2017 ...
Google Warns of DoS and RCE Bugs in Dnsmasq Seven flaws in what is known as Dnsmasq can be exploited by attackers who can use the bugs to carry out remote code execution, information exposur...