Latest Skype Version may have a Dangerous Flaw

According to a group of German security researchers, the latest Skype version may have a dangerous flaw that could allow malicious HTML/JavaScript code to be injected into a user's phone session.

The security team released an advisory on Wednesday, which said the following:

“An attacker could for example inject HTML/JavaScript code. It has not been verified though, if it’s possible to hijack cookies or to attack the underlying operating system. Attacker could give a try using extern .js files.”


Skype denied there was any concern by saying the following:

“We have had this reported to us by various media outlets and have confirmed that the person is mistaken, this is not a web window and while it does cause a phone number to be underlined, does nothing other than this.”

The researchers responded that unsafe content can be displayed when a user views a “booby-trapped” profile. This would work by inserting a JavaScript command or website address where the phone number is expected, because the profile entries (city, office and mobile phone, and home) are embedded as HTML.
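
The defensive counterpart to the issue the researchers describe is to validate the phone entries against an allow-list and HTML-encode every profile entry before it is embedded in markup. The sketch below is an added example, not Skype's code or the researchers' advisory; the field names, the phone pattern and the sample profile are assumptions constructed for illustration.

```javascript
// Added example: defensive rendering of profile entries (not Skype's code).
// Field names are assumptions modelled on the entries the article lists.
const PHONE_FIELDS = ["officePhone", "mobilePhone", "homePhone"];

// Encode the five characters that can change the HTML parsing context.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Allow-list: optional leading "+", then digits and common separators,
// with between 3 and 20 digits overall. Anything else is not a phone number.
function isPlausiblePhone(value) {
  if (typeof value !== "string" || !/^\+?[0-9 ().\-]{3,30}$/.test(value)) return false;
  const digits = value.replace(/\D/g, "").length;
  return digits >= 3 && digits <= 20;
}

// Build the profile markup; returns the HTML and the fields that were rejected,
// so the rejection can also be logged for review.
function renderProfile(profile) {
  const rows = [];
  const rejected = [];
  for (const [field, raw] of Object.entries(profile)) {
    let shown = raw;
    if (PHONE_FIELDS.includes(field) && !isPlausiblePhone(raw)) {
      rejected.push(field);
      shown = "(invalid number)";
    }
    // Every value is encoded, including free-text fields such as city.
    rows.push(`<tr><td>${escapeHtml(field)}</td><td>${escapeHtml(shown)}</td></tr>`);
  }
  return { html: `<table>${rows.join("")}</table>`, rejected };
}

// Constructed sample profile: markup and a URL sit where plain values are expected.
const sampleProfile = {
  city: "<b>Berlin</b>",
  officePhone: "+49 (30) 555-0100",
  mobilePhone: "<script>alert(1)</script>",
  homePhone: "http://example.invalid/",
};

const result = renderProfile(sampleProfile);
console.log(result.html);
console.log("rejected fields:", result.rejected);
```

Validation alone is not enough here: the city entry is free text, so only the output encoding keeps its markup from being interpreted.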