All about the recent Skype vulnerability

Skype’s Android application has a new vulnerability that could enable hoodlums to access the contacts, gallery, and even browser windows by bypassing Android’s phone passcode screen.

Florian Kunushevci, a bug hunter found this vulnerability and revealed it to Microsoft. Explaining the flaw, he said that this flaw permits anybody having somebody’s phone to receive a Skype call and answer it without unlocking the phone. Once the individual picks up the call, they can go to the gallery, access contacts, type and send a message, and access the browser by clicking on the links attached to the message.

Such a flaw could enable culprits or pranksters to access a great deal of private information on the phone without unlocking it with the password.

How was the flaw discovered?

The 19-year-old bug specialist from Kosovo, who is a regular user of the Skype application, found a specific abnormality as to how the application accessed local documents while performing VoIP calls. This is what drove him to explore the issue further.

The specialist soon found that after accepting and answering a Skype call, many phone application functions could be accessed without even having to unlock the phone.

Similar to recently found blemishes in Skype’s iOS applications, this flaw is additionally credited to a security oversight by the application developers. Kunushevci further revealed to The Register:

“For the specific bug that I have found on Skype, it is more of bad design and also a bug in coding. I think to put it all together, humans make mistakes.”

The analyst held up the issue in the public until the issue was fixed in the version of Skype released on December 23, 2018.

It is to be noted that this weakness influences Skype on all Android adaptations. All forms of the Skype application with a version number over for various Android versions incorporate the fix for this bug. Microsoft has not issued any official comment on the issue.

Leave a Reply

Your email address will not be published. Required fields are marked *

Single Column Posts

Single Column Posts Subtitle

Taking a brief note about EOS and its potentiality

EOS represents Ethereum Operating System. EOS is a blockchain network and stage for decentralized applications based on Ethereum. It performs...

Bitcoin [BTC] payments could be available on Japanese E-Commerce giant Rakuten

In a process which could help validate and allow the extensive adoption of crypto assets for day-to-day exchanges and transactions...

Tracking Your Shrimp: WWF-Australia’s Food Supply Chain

BCG Digital Ventures (BCGDV) and the World Wildlife Fund-Australia (WWF-Australia) have joined hands together to launch a brand named as ‘OpenSC’. OpenSC...

IBM, Ford, LG Partner to Track Smartphone, Car Batteries on a Blockchain

Automobile giant, Ford, tech giant IBM, battery maker from South Korea, LG Chem and others have joined hands to build...

EOS is facing a lot of heat as cryptos continue their downward trend

The EOS faced a lot of beating yesterday as all the cryptocurrencies had a downward trend. The fifth ranked cryptocurrency,...