A security researcher has found a critical vulnerability in Microsoft’s Skype that allows an attacker to take full control over the system. Microsoft is aware about the vulnerability since September last year, but hasn’t fixed the issue yet. According to the software giant, a fix for the issue needs a “large code revision”.
The vulnerability poses a great risk for users because it allows an attacker to escalate his privileges. This way an attacker can also gain access to the entire computer.
The vulnerability is in the Skype Update Installer, which is vulnerable to a method called DLL hijacking. With this method, attackers can prepare a malicious DLL and store it in a temporary folder to which the logged-in user has access. When an attacker has renamed the original DLL, the Skype Update Installer will look search the rest of the computer for a DLL with the same name. When the installer finds the DLL prepared by the attacker, it will use that one and execute the malcious code.
The security researcher who discovered the issue claims there are simple scripts that are able to perform such an attack and that work on Windows, Mac OS and Linux.
Previously Skype was relatively uninteresting for attackers, because the application ran with the rights of the logged in user. However now it’s possible to relatively easily elevate user rights, this might change quickly.