Skype nasty security bug without a massive code rewrite
There is a major flaw or simply a bug within the Skype application during the update process. The security of your system can allow an attacker to gain system-level privileges to a vulnerable computer.
You can review the comments by clicking this link Skype’s home-grown updater allows escalation of privilege to SYSTEM
In simple terms the bug can allow an unprivileged user to the full SYSTEM level rights thus granting them access to every corner of the operating system. Microsoft, which owns the voice and video-calling service, said it will not fix the flaw any time soon since the bug would require too much work and man-time.
Possible turning off Skype updates
Bug located by security Kanthak
Security researcher Stefan Kanthak found that the Skype update installer could be exploited with a DLL hijacking technique, which allows an attacker to trick an application into drawing malicious code instead of the correct library. An attacker can download a malicious DLL into a user-accessible temporary folder and rename it to an existing DLL that can be modified by an unprivileged user, like UXTheme.dll. The bug works because the malicious DLL is found first when the app searches for the DLL it needs.
Once installed, Skype uses its own built-in updater to keep the software up to date. When that updater runs, it uses another executable file to run the update, which is vulnerable to the hijacking.
What is UXTheme.dll ?
UXtheme.dll is a module associated with Microsoft® Windows® Operating System from Microsoft Corporation. Non-system processes like uxtheme.dll originate from software you installed on your system.
Quote from Kanthak
An unprivileged (local) user who is able to place UXTheme.dll or any of the other DLLs loaded by the vulnerable executable in %SystemRoot%\Temp\ gains escalation of privilege to the SYSTEM account.
You must be logged in to post a comment.