Skype’s integration with Facebook is being touted as “the best of both worlds” but the new Skype 5.5 for Windows update contains a highly-critical security flaw that allows Skype session hijacks or even full system compromise.
The vulnerability surfaced after David Vieira-Kurz posted the proof of concept video above to the Secalert website. Apparently, he had "found a few security issues which makes it possible to hijack a Skype Session and compromise a user's system due to a lack output sanitization." According to an advisory posted at secalert.net, an attacker can exploit a system even if the victim is not a Facebook friend or a Skype contact.
The Skype security blog has not yet acknowledged the flaw.
The vulnerability surfaced after David Vieira-Kurz posted the proof of concept video above to the Secalert website. Apparently, he had "found a few security issues which makes it possible to hijack a Skype Session and compromise a user's system due to a lack output sanitization." According to an advisory posted at secalert.net, an attacker can exploit a system even if the victim is not a Facebook friend or a Skype contact.
The Skype security blog has not yet acknowledged the flaw.
The Following Video Will Clarify the Entire Matter:-