Critical Security Vulnerability Found in Skype Messaging and Calling Service

A security researcher has uncovered a critical vulnerability in Skype that can allow hackers to execute malicious code and exploit a target system.

A potential vulnerability has been recently uncovered in the popular Microsoft-owned voice calling and web messaging service, Skype.

This critical vulnerability can allow unscrupulous hackers to remotely execute malicious code on victims’ PCs.

More precisely, the remote attackers can take advantage of the Skype vulnerability to crash the affected computers.

The security vulnerability is present in the older versions of Skype for Windows.

Needless to mention, Skype is a popular and prevalent software that allows its users to communicate with their peers, friends, clients and family members through a web-based video, voice and instant messaging service.

The online service, which was acquired by Microsoft Corporation, has numerous users worldwide who are now at risk from a critical security vulnerability.

Benjamin Kunz-Mejri, an experienced security researcher at the security firm Vulnerability Laboratory, detected the previously unknown nasty flaw.

The Skype vulnerability is a stack buffer overflow and has been reported and documented as CVE-2017-9948.

The recently detected flaw is rated a high security risk, with a Common Vulnerability Scoring System (CVSS) score of 7.2.

The reported stack buffer overflow vulnerability affects the widely used Skype versions including 7.2, 7.35, and 7.36 for Windows 8, Windows 7 and Windows XP.

Vulnerability Laboratory reported this flaw to Microsoft Corporation in May, and the company has since addressed the vulnerability in an update: Version 7.37.178, released in June.

What You Need to Know

According to Vulnerability Lab researchers, this stack buffer overflow flaw can have a critical impact on both remote and local Skype users.

Cyber attackers can easily crash the application by placing a request to overwrite the active process register.

This allows hackers to induce and silently execute their own malicious code on an affected system that is connected to Skype.

The high-risk security vulnerability is located in the clipboard format and cache transmit function (via remote sessions) on Windows-based Skype applications.

These functions do not enforce any specific restrictions or security limitations.

Taking advantage of this critical security flaw, hackers would be able to crash the application and request to overwrite the active software process register.

The attackers can then use their remote computer systems with a shared clipboard in order to trigger this “stack buffer overflow vulnerability” on the victim’s machine.

To trigger this vulnerability, an attacker would have to craft a malicious image file and copy and paste it from the clipboard of their computer system to the Skype conversation window.

When this image file is hosted on remote and local systems, the application then triggers a stack buffer overflow.

Furthermore, this process could cause exceptions and errors, eventually crashing the Skype application and opening opportunities for inducing more exploits.

The researchers have further explained that this vulnerability can affect a dynamic link library of Windows 8 operating systems.

The hackers need a low-privileged Skype account in order to execute their code and launch a successful attack.

Plus, the attackers do not need to directly interact with the victims.

Major Concerns for Skype


The detected security vulnerability doesn’t require any direct user interaction.

Therefore, an attacker has enough opportunities to remotely crash the software by producing an unexpected exception error.

The error then tries to overwrite the active process registers and cause severe impacts on any target system that has the vulnerable Skype version installed.

The vulnerability actually resides in the way the application handles the ‘MSFTEDIT.DLL’ file (a dynamic link library) during the process of placing copy requests on local systems.

How to Protect Yourself

Microsoft Corporation has provided a fix for this critical vulnerability issue in the latest versions of its Skype application, i.e. version 7.37.

However, more widely used versions—like 7.36, 7.35, and 7.2—are still vulnerable to the potential security threat.

Therefore, Microsoft recommends users update their software in order to avoid cyber attacks.
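
The update advice above can be checked across a fleet. The following Python script is an added example, not code from the article, Vulnerability Laboratory or Microsoft: it sorts hosts from a software inventory export by whether their Skype for Windows build is below the fixed build 7.37.178 named in the article. The CSV columns, hostnames and sample build numbers are constructed for illustration, and treating every build below 7.37.178 as needing the update is an assumption based on the recommendation above.

```python
import csv
import io

FIXED = (7, 37, 178)  # fixed build as written in the article: 7.37.178

# Constructed sample inventory export; hosts and build numbers are made up.
SAMPLE_INVENTORY = """host,product,version
ws-001,Skype,7.36.0.101
ws-002,Skype,7.37.178
ws-003,Skype,7.2
ws-004,Skype,7.40.0.104
ws-005,Skype,unknown
ws-006,Skype,7.37.0.103
ws-007,Notepad++,7.3
"""

def parse_version(text):
    """Turn '7.36.0.101' into (7, 36, 0, 101); return None if not numeric."""
    try:
        parts = tuple(int(p) for p in text.strip().split("."))
    except ValueError:
        return None
    return parts if all(p >= 0 for p in parts) else None

def classify(version, fixed=FIXED):
    """Return 'update', 'ok' or 'review' for one parsed version tuple."""
    if version[:2] != fixed[:2]:
        # A different major.minor line decides the answer on its own.
        return "update" if version[:2] < fixed[:2] else "ok"
    if len(version) != len(fixed):
        # Same 7.37 line but another numbering layout: do not guess.
        return "review"
    return "update" if version < fixed else "ok"

def audit(inventory_csv, product="Skype"):
    """Group hostnames running `product` into update / ok / review."""
    result = {"update": [], "ok": [], "review": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["product"].strip().lower() != product.lower():
            continue
        version = parse_version(row["version"])
        bucket = "review" if version is None else classify(version)
        result[bucket].append(row["host"])
    return result

if __name__ == "__main__":
    for bucket, hosts in audit(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Hosts in the "review" group reported a version that could not be parsed, or a 7.37 build written in a different layout than the article's three-part number, so they need a manual check rather than an automatic verdict.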
