Специалисты Trustwave нашли бэкдор в Skype для Mac OS X.

Здесь может быть ваша реклама

Исследователи компании Trustwave сообщили, что пользователям Mac-версии Skype стоит срочно обновить приложение. Дело в том, что в Skype Desktop API был найден бэкдор, просуществовавший в коде более пяти лет.

Skype Desktop API (ранее Skype Public API) позволяет сторонним приложениям взаимодействовать со Skype. В нормальных обстоятельствах стороннее приложение должно предоставить для этого учетные данные, однако специалисты Trustwave обнаружили, что процедуру аутентификации можно обойти, получив полный доступ к локальной установке Skype.

Учитывая возможности Desktop API, стороннее приложение или малварь сможет использовать бэкдор для чтения уведомлений о входящих сообщениях, модификации сообщений, создания новых чат-сессий, извлечения списка контактов пользователя, а также для регистрации и записи аудиозвонков. Хуже того, приложение, использующее бэкдор, не будет отображаться в списке Manage API Clients, который может просматривать пользователь, и где он может отозвать допуск к своему Skype-аккаунту.

Исследователи пишут, что не совсем ясно, как появился данный бэкдор. «Существует интересная вероятность, что этот баг – результат добавления в Desktop API бэкдора для конкретной программы, написанной вендором, чтобы иметь доступ к Desktop API  без ведома пользователя. Эта вероятность выглядит весьма правдоподобно, если учитывать, что Desktop API предусматривает недокументированный идентификатор client name (Skype Dashbd Wdgt Plugin)».

Судя по всему, Skype Dashbd Wdgt Plugin – это старое название виджета Skype for Mac Dashboard, который до сих пор используется даже в новых версиях Skype. Однако Skype Dashboard не использует бэкдор в Desktop API. «Это указывает на возможность того, что бэкдор – это результат ошибки разработчиков, которую случайно забыли в коде во время работы над имплементацией плагина Dashboard», — говорят специалисты.

Однако даже если бэкдор – это ошибка разработчиков, она весьма старая. Skype Dashbd Wdgt Plugin встречается в коде прошлых версий Skype для Mac на протяжении более чем пяти лет. Таким образом, уязвимы все версии Skype для Mac, включая Skype 7.35.

По информации Trustwave, патч для данной проблемы был представлен 26 ноября 2016 года, так что всем, кто давно не обновлял Skype, настоятельно рекомендуется сделать это как можно скорее.

Фото: C_osett
Источник — xakep.ru

is the nfl alienating female fansIn London, constables are encouraged to live in their boroughs where possible and to see themselves as part of the community, which is a good idea philosophically, but can have its consequences. For instance, two Essex officers decided to execute a warrant on a gang of importers on Christmas Eve and tore apart every single present under the tree, just to let them know who’s boss. «I am unable to provide you with the dates.»In October 2014, CBS News was first to report that the Las Vegas Metropolitan Police Department had a backlog of over 5,000 untested rape kits in storage. As of December, the Sharper case had yet to be transferred to the Clark County Prosecutor’s office.By then, Sharper was facing sexual assault charges in Arizona, Louisiana and California as well as federal charges.The two victims in the alleged Las Vegas cheap mlb jerseys assault lived in Massachusetts at the time and were on vacation. Some will even bring up cheap China Jerseys alleged indiscretions from his college playing career, although a stolen laptop and the possibleacceptance of illegal payouts from schools to retain his services pale in comparison to oakley sunglasses some of the activities cheap oakleys sunglasses other recent student athletes have been accused of. And unlike many others, he went back to school last year to earn a sociology degree, several years into his NFL career, to fulfill a commitment he’d previously made to his mother.. Russell Wilson is under 5’11. If I had to compare Manziel to another NFL quarterback I would say he is part Wilson, part Brees and part Brett Favre. A lot of that damage was done by the running of Michigan quarterback Denard Robinson (258 yards on 28 rushes last week) and the Irish have only allowed an average of 3.5 yards per rush to non quarterbacks this season and Michigan State’s Kirk Cousins is not a running quarterback. I still think Michigan State will do custom jerseys some damage on the ground in this game and Cousins’ passing is better than Notre Dame’s good pass defense (5.0 yards per pass play allowed). California middle school students using an iPad based algebra course scored 30.5 percent higher on benchmark proficiency tests than NFL Jerseys China students using traditional textbooks, as part of Houghton Mifflin Harcourt Fuse program, and homework compliance increased. At the same time, their teachers saw an 11 percent rise in language arts scores using the tablets in class.. Lift the roller and roll it down the slope of the pan, stopping just short of the well. Do this two or three times to allow the paint to work into the roller. The wire is much thicker cheap oakleys than this I believe. They are very inflexible and hard, so you need something very tough to cut them.
crystal palace manager alan pardew faces his moment of truth against swanseaBut it’s still somewhat surprising to learn that Paul Revere got sole credit for the ride because «Revere» cheap jerseys rhymed with «hear.» We wish we were joking. Longfellow was not out to write accurate history, in fact he gets many other facts seriously wrong in his poem. What he wanted was a poem that reminded those who read it of the glorious beginnings of the United States. Franklin admits that having such a large line at his restaurant does bring a lot cheap nhl jerseys of pressure with it, «‘Cause you’ve got all these people showin’ up before the food’s even ready. What if you mess up? They’re already here. We just keep our heads down and keep workin’. Based in Maryland, Joss Cues is a truly family owned company that has been making billiards cues since 1968. Today, cuemaker Dan Janes and son Stephen Janes make some of the most beautiful, high performance cues on the market. The Janes have made custom cues for many famous players and celebrities, and few people know that the famous «Balabushka» cue in the Oscar winning film «Color of Money» was actually a Joss Cue. Place the bucket strategically and be ready to move it if you have to. Wipe any spillage up with shop rags as antifreeze attracts pets and animals because of its sweet smell cheap oakleys and taste, but is extremely poisonous. Whether the radiator drained from the plug or the hose, it’s a good idea while you’re cheap nba jerseys under the vehicle to remove any other attachments below. Second: Where are the referee suspensions. If things were so bad, why were the flags not thrown. Somebody must have broken the rules to deserve these suspensions. Of course CEO compensation tied oakley outlet to incentives is only a positive for shareholders if it is related to appropriate targets. A board can set a substantial incentive structure but negate it with easy to reach targets or limited downside. Fortunately for many shareholders in the peer set, this is not an issue with those CEOs holding equity from earlier in the companies’ histories. While your diet should contain mainly healthy whole foods, such as lean meats, low fat dairy, different types of fish, fruits, vegetables, beans and whole grains, there is a little room for some cheap oakleys sunglasses not so healthy cheap nfl jerseys foods. You needn avoid any food completely, as even elite athletes allow themselves to indulge every now and again. Lolo Jones, for instance, is a fan of hot wings, Usain Bolt reportedly fuels up for races with chicken nuggets and NFL player Osi Umenyiora is a fan of a British classic, fish and chips..

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *