14 DAY TRIAL // Skype has patched a security vulnerability affecting Macintosh users by releasing a new version of its VoIP chatting application for Mac OS X - Skype 5.1.59.947.
Last week, Gordon Maddern of security research firm Pure Hacking dished out details of a "Skype 0day vulnerability" on his blog.
He declined to provide details of the exploit until after Skype got on top of the matter. The latter was quick to respond noting that it had released a quick fix in mid-April, but that it would also issue another update the following week.
According to Maddern, the flaw could allow a hacker to gain control of a Mac via a maliciously crafted Skype.
However, according to Adrian Asher blogging for Skype, “this message would have to come from someone already in your Skype Contact List, as Skype's default privacy settings will not let you receive messages from people that you have not already authorized, hence the term malicious contact.”
As of today, the fix is available by downloading the latest version of Skype for Mac.
A patch-grade release, the update also fixes other bugs, including video issues on high-bandwidth networks, in addition to closing the security holes.
As expected, the developer highly recommends that users update to the latest version of Skype for Mac.
Download Skype for Mac OS X (Free)
Reported last week, the Skype vulnerability came as the second warning for Mac users, with security firm Intego reporting that a piece of malware called "MACDefender" would automatically download itself via Safari’s JavaScript onto Macs.
The Texas-based security vendor signaled that the application was very well designed, with a polished, pro-level look and feel.
However, since users must agree to install the software and provide a password, Intego labeled the threat as "low."
Update: report updated with the new Skype version number 5.1.59.947.