If Skype’s auto-update feature has not told you already (which you would encounter when logging out of and back into Skype anytime after 10 a.m. EST this morning), Skype released a hotfix update this morning which addresses some security and crashing issues.
In particular the cross-zone scripting vulnerability that led to closing access to the Metacafe and Dailymotion video sources for sharing via Skype Chat windows and mood message feature has been addressed. Issues such as the inability to answer a second call and to start video when plugging in a webcam during a call have also been resolved. On the other hand while the hotfix has addressed several situations that were causing the Skype client to crash, I still lost a call this afternoon where my Skype client “self-closed” when a called party answered my call. A complete list of fixes is at the link above.
Thjs version also introduces a whitelist/blacklist feature designed to prevent malicious use of the Skype API and potential worm attacks. More details are in the January Developer Newsletter with the following article summary:
Recent attacks to Skype public API have made imperative to define a solution in fighting worm and virus attacks to it. Following up a request by the Security Team to address this issue and take a preventive action, this type of attack also puts at stake Skype’s reliability and security towards our user base.
There will be two levels of White- and Blacklist – Local and Global.
Download the hotfix release here. Can also be accessed via “Help | Check for Updates” in your Skype client. Highly recommended if only for the security issues addressed.
Tags: Skype, Skype 3.6, Skype Security
Powered by Qumana