<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/platform.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar/3767954297259986885?origin\x3dhttp://victorylion.blogspot.com', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

Victory Lion's Blogosphere

ವಿಜಯ್ ಸಿಂಹ ಹರಿವಾಣಂ, ಬೆಂಗಳೂರು

Attention "Skype" users

Monday, January 21, 2008


Security researcher Aviv Raff has discovered and demonstrated a flaw within Skype that allows malicious code to be run under certain circumstances. The problem is caused by Skype's web control. The program uses Internet Explorer to render internal and external HTML, but does so using "Local Zone" security settings.

The bug currently affects Skype v.3.6.0.244, and may be present in older versions of the client as well. At this point, the solution is to avoid running video searches via Skype. Simply having the program installed or using its various other functions will not expose a system to potential infection.

Labels:

posted by Jaguar Network, 5:29 AM

0 Comments:

Add a comment