Serious Skype vulnerability requires a 'large code revision' to fix

Doris Richards
February 14, 2018

Skype desktop app comes with its own updater tool that periodically runs to keep the Skype app up to date.

The vulnerability, discovered by security researcher Stefan Kanthak, allows a hacker to modify the Skype updater to draw on a malicious DLL library instead of the genuine one provided by Microsoft, giving the attacker access to a victim's PC. The bug works because the malicious DLL is found first when the app searches for the DLL it needs.

"Windows provides multiple ways to do it", cautioned Kanthak, while referring to DLL hijacking.

This not only affects Windows computers, but apparently can be applied to Macs as well. An unprivileged (local) user who is able to place UXTheme.dll or any of the other DLLs loaded by the vulnerable executable in %SystemRoot%\Temp\ gains escalation of privilege to the SYSTEM account.

"'System" is "administrator' on steroids", he added. Once trespassed, hackers could potentially copy or delete critical files, install rogue apps, access confidential information, and do pretty much anything possible to the infected system. This basically means, for now the Skype vulnerability stays untreated.

They also stated that if and when a fix were to come, it would arrive in a "newer version" of Skype rather than through a security update, and that Microsoft is putting "all resources" into building a brand new client, although exactly when that new client will be released is anyone's guess.

Kanthak informed Microsoft of the bug in September, but the software giant said issuing a fix would require the updater go through "a large code revision".

Zack Whittaker can be reached securely on Signal and WhatsApp at 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Other reports by Iphone Fresh

Discuss This Article