A security flaw in Skype can allow an attacker to gain system-level privileges on PCs

Tech News 2018-02-14

A new security vulnerability in Skype for Windows desktop was revealed yesterday. The Skype desktop app comes with its own updater tool that runs periodically to keep the app up to date. When an update is available, the updater copies or extracts another executable as “%SystemRoot%\Temp\SKY.tmp” and executes it using the command line “%SystemRoot%\Temp\SKY.tmp” /QUIET. A security researcher has found that this executable is vulnerable to DLL hijacking.

It loads at least UXTheme.dll from its application directory, %SystemRoot%\Temp, instead of from the Windows system directory. An unprivileged (local) user who is able to place UXTheme.dll, or any of the other DLLs loaded by the vulnerable executable, in %SystemRoot%\Temp gains escalation of privilege to the SYSTEM account.
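A detection sketch for the load pattern described above, as an added example that is not from the original article or from Microsoft: it flags image-load events in which a process loads a system-named DLL from its own directory. The field names are modelled on Sysmon's image-load event (Event ID 7) and, like the C:\Windows root and the short DLL list, are assumptions; the sample events are constructed.

```python
import ntpath

# Assumption: default install location; change for hosts with another SystemRoot.
SYSTEM_DIRS = {ntpath.normcase(p) for p in
               (r"C:\Windows\System32", r"C:\Windows\SysWOW64")}
# Assumption: names of DLLs that ship in the system directory. Build the real
# list from a System32 listing on a clean image; these three are illustrative.
SYSTEM_DLL_NAMES = {"uxtheme.dll", "version.dll", "cryptsp.dll"}

def is_app_dir_load(event):
    """True when a process loaded a system-named DLL from its own directory
    instead of the Windows system directory (the pattern in the article)."""
    app_dir = ntpath.dirname(ntpath.normcase(event["Image"]))
    dll_dir, dll_name = ntpath.split(ntpath.normcase(event["ImageLoaded"]))
    return (dll_name in SYSTEM_DLL_NAMES
            and dll_dir not in SYSTEM_DIRS
            and dll_dir == app_dir)

def triage(events):
    """Return (severity, process, dll) for each suspicious load; loads by a
    SYSTEM process rank high because the DLL's code runs with that privilege."""
    findings = []
    for ev in events:
        if is_app_dir_load(ev):
            is_system = ev.get("User", "").upper() == r"NT AUTHORITY\SYSTEM"
            findings.append(("high" if is_system else "medium",
                             ev["Image"], ev["ImageLoaded"]))
    return findings

# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\Temp\SKY.tmp", "User": r"NT AUTHORITY\SYSTEM",
     "ImageLoaded": r"C:\Windows\Temp\UXTheme.dll"},
    {"Image": r"C:\Windows\Temp\SKY.tmp", "User": r"NT AUTHORITY\SYSTEM",
     "ImageLoaded": r"C:\Windows\System32\uxtheme.dll"},
    {"Image": r"C:\Program Files\Example\app.exe", "User": r"DESKTOP\user",
     "ImageLoaded": r"C:\Program Files\Example\helper.dll"},
]

if __name__ == "__main__":
    for severity, process, dll in triage(SAMPLE_EVENTS):
        print(f"[{severity}] {process} loaded {dll}")
```

Only the first sample event is reported: the second resolves the DLL from System32, and the third loads an application-private DLL whose name is not on the system list.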

This vulnerability was reported to Microsoft, and Microsoft’s response is quite sad. Microsoft is not planning to update the Skype Updater tool; instead, they will release the fix in a newer version of the Skype app.

The team is planning on shipping a newer version of the client, and this current version will slowly be deprecated.

As the current Skype app would need a large code revision to prevent the above-described DLL injection, Microsoft has decided not to fix it. However, Microsoft mentioned that all the resources have been put toward development of the new client. The Skype UWP app is not affected by this vulnerability.

WMPoweruser
