Microsoft to leave Skype bug needing massive rewrite unfixed for now


Microsoft's Skype app has been around for a long time, but it seems that Microsoft could soon be forced to rewrite the app from scratch because of a recently discovered bug which, if exploited, could allow an attacker to gain system-level access to the target's computer through the Skype installer.

Once installed, Skype uses its own built-in updater to keep the software up to date.

"Windows provides multiple ways to do it," cautioned Kanthak, referring to DLL hijacking. Kanthak said that an attacker needs a medium level of expertise to create a malicious DLL and get it to the right location on the victim's file system. The problem could lead to systems being compromised on the Mac, Windows, and Linux platforms.

Security researcher Stefan Kanthak says that the Skype updater can be maliciously modified to trick an application into loading the wrong DLL on Windows, by creating a DLL, renaming it to one Skype would access, and then replacing it with the original file.

Kanthak said: "An unprivileged (local) user who is able to place UXTheme.dll or any of the other DLLs loaded by the vulnerable executable in '%SystemRoot%\Temp\' gains escalation of privilege to the SYSTEM account". Microsoft chose to put "all resources" into building an altogether new Skype client that would overcome the vulnerability. The Skype UWP app is not affected by this vulnerability.

However, the company won't immediately fix the issue because doing so would require a complete code overhaul. "The installer would need a large code revision to prevent DLL injection, but all resources have been put toward development of the new client".
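
A detection sketch for the condition Kanthak describes, added here as an example and not taken from the article or from Microsoft: it flags DLLs that a process running as SYSTEM loads from %SystemRoot%\Temp. The event records are constructed and shaped like Sysmon image-load events; the function names, the updater path and the one-entry list of system DLL names are assumptions.

```python
import ntpath

# Constructed sample records shaped like Sysmon image-load events
# (fields Image, ImageLoaded, User). Paths and names are illustrative.
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\Temp\updater.exe",            # hypothetical updater
     "ImageLoaded": r"C:\Windows\Temp\UXTheme.dll",
     "User": r"NT AUTHORITY\SYSTEM"},
    {"Image": r"C:\Windows\Temp\updater.exe",
     "ImageLoaded": r"C:\Windows\System32\uxtheme.dll",
     "User": r"NT AUTHORITY\SYSTEM"},
    {"Image": r"C:\Windows\Temp\updater.exe",            # ".." resolves to System32
     "ImageLoaded": r"C:\Windows\Temp\..\System32\uxtheme.dll",
     "User": r"NT AUTHORITY\SYSTEM"},
    {"Image": r"C:\Users\alice\AppData\Local\Temp\setup.exe",
     "ImageLoaded": r"C:\Windows\Temp\helper.dll",
     "User": r"DESKTOP-1\alice"},                        # not SYSTEM
    {"Image": r"C:\Program Files\App\app.exe",
     "ImageLoaded": r"C:\WINDOWS\TEMP\plugin.dll",
     "User": r"NT AUTHORITY\SYSTEM"},
]

def _norm(path):
    """Collapse '..' segments and fold case, as Windows paths compare."""
    return ntpath.normpath(path).lower()

def find_suspicious_loads(events, system_root=r"C:\Windows",
                          system_dll_names=("uxtheme.dll",)):
    """Return DLL loads by SYSTEM processes from <system_root>\\Temp."""
    temp_prefix = _norm(ntpath.join(system_root, "Temp")) + "\\"
    hits = []
    for ev in events:
        if ev["User"].lower() != r"nt authority\system":
            continue
        loaded = _norm(ev["ImageLoaded"])
        if not loaded.startswith(temp_prefix):
            continue
        hits.append({
            "process": ev["Image"],
            "dll": loaded,
            # True when the file name matches a DLL that normally lives in System32
            "shadows_system_dll": ntpath.basename(loaded) in system_dll_names,
        })
    return hits

if __name__ == "__main__":
    for hit in find_suspicious_loads(SAMPLE_EVENTS):
        print(hit)
```

A hit with `shadows_system_dll` set is the stronger signal, since a legitimate copy of that DLL already exists in System32.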

Zack Whittaker can be reached securely on Signal and WhatsApp at 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.
