Author Topic: Security hole in Skype  (Read 1120 times)

0 Members and 1 Guest are viewing this topic.

Offline Frands

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 664
    • View Profile
Security hole in Skype
« on: November 14, 2012, 09:48:46 AM »
Hi :) ,

FYI:

A new security hole has been discovered in Microsoft’s Skype that allows anyone to change your password and thus take over your account. The issue was first posted on a Russian forum two months ago and has been confirmed by The Next Web.

Please read on here:http://thenextweb.com/microsoft/2012/11/14/security-hole-allows-anyone-to-hijack-your-skype-account-using-only-your-email-address/

Update: This morning at 5:44 EST (New York Time) Microsoft has closed the password reset function in Skype and the security hole will be investigated.

My search: http://www.version2.dk/

Our greatest glory is not in never falling but in rising every time we fall.
- Confucius
-----
Avast! Antivirus Home Version
Comodo Firewall
SuperAntiSpyware Pro  
Malwarebytes' Anti-malware Pro
Home Forums: http://www.spywarefri.dk/forum
http://nikonites.com


Offline Frands

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 664
    • View Profile
Re: Security hole in Skype
« Reply #1 on: November 14, 2012, 12:54:13 PM »
Hi :) ,

Update:

According to Microsoft.dk, it is not longer  necessary to change your Skype username and password, but it necessary to check if someone has been around acount if you don't use your Skype often.
Our greatest glory is not in never falling but in rising every time we fall.
- Confucius
-----
Avast! Antivirus Home Version
Comodo Firewall
SuperAntiSpyware Pro  
Malwarebytes' Anti-malware Pro
Home Forums: http://www.spywarefri.dk/forum
http://nikonites.com


Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14736
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Security hole in Skype
« Reply #2 on: November 14, 2012, 01:23:29 PM »
At http://heartbeat.skype.com/2012/11/security_issue.html

Quote
We have had reports of a new security vulnerability issue. As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the inconvenience but user experience and safety is our first priority


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14736
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Security hole in Skype
« Reply #3 on: November 14, 2012, 02:03:40 PM »
Resolved: 

Quote
[UPDATE:14/11/2012@15:28GMT]
Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website. This issue affected some users where multiple Skype accounts were registered to the same email address. We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly. We are reaching out to a small number of users who may have been impacted to assist as necessary. Skype is committed to providing a safe and secure communications experience to our users and we apologize for the inconvenience.
http://heartbeat.skype.com/2012/11/security_issue.html


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Temmu

  • The Assimilator
  • Hero Member
  • *****
  • Posts: 5404
    • View Profile
    • gooooooooogle
Re: Security hole in Skype
« Reply #4 on: November 14, 2012, 11:55:53 PM »
it sounds like the affected accounts were only vulnerable to their owner. yes?
5 skype accounts, 1 email address = 1 user (likely)