Posts Tagged ‘bug’
Skype fixes massive flaw that allows people to hack your account by simply knowing your email addressNovember 18th, 2012 • 3 Comments
Skype, when it’s working, is actually very easy to hack into. All you need is a user’s email address and you can hijack an account without too much fuss.
New Skype IDs could be created with an email address of an intended victim, enabling hackers to assume control of the account using an online password reset form. All those mucky conversations you’ve been having? Easily accessible.
And finally, Skype have fixed this password reset bug, so your account is safe.
Skype disabled the password reset facility on Wednesday and, after nearly a week, Skype said that they’d got everything fixed and admitted that a “small number of users” had been hacked.
They said: “Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website. This issue affected some users where multiple Skype accounts were registered to the same email address. We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly. We are reaching out to a small number of users who may have been impacted to assist as necessary. Skype is committed to providing a safe and secure communications experience to our users and we apologise for the inconvenience.”
Yet again, Apple have released a new device only to find that there’s a pretty noticeable bug inherent in it. With the iPhone 4, it was the antenna problem that led to dropped calls, while with the iPad 2, if memory serves us correctly, it was the release of toxic gas into the surrounding air whenever a user got to the end of a stage on Angry Birds.
Now, with the new iPhone 4S, punters are moaning about battery drainage, more specifically the fact that the battery level is dropping by as much as 15% per hour, even when they’re not doing anything with the phone. Yikes.
Some brainiacs have suggested that the fault lies with the ‘Setting Time Zone’ feature that is theoretically draining your juice by regularly checking your location. That has yet to be confirmed or denied. It has been suggested that the drainage problem is affecting the 4S and the iPad 2, and is as a result of the new iOS5 software system.
But have no fear, because Apple are ready to spring into action and save the day. They say that there are ‘a few bugs’ and that they’ll be rectified with the release of some updated software in ‘a few weeks’. A FEW WEEKS? Is no one running things over there any more??
Are you an iDevice user? Has your battery life gone wonky since the launch of iOS5? Tell us damn you!
If you’re still using Microsoft’s Internet Explorer (IE) browser, then let Bitterwallet be the first to congratulate you on finally buying a computer. Worked out what all the buttons do yet? Go you!
Anyway, if you’re still using IE, you’ll be thrilled to learn that Microsoft have issued a warning about a serious vulnerability in all versions of it. This is the skinny: The bug kicks in from a booby-trapped page which allows attackers to take control of your computer.
Microsoft have put out a makeshift workaround fix for the bug while they work on a permanent fix.
The Beeb report that the bug revolves around the way that IE manages your computer’s memory when processing Cascading Style Sheets – technology that defines the way pages look online.
Criminals have long preyed on IE’s great gaping security holes and this latest one allows them to put malicious code into the stream of instructions when a browser is being used. Microsoft has produced updates that improves memory management but these probably won’t work when older parts of Windows are called upon.
In a statement Microsoft said it was “investigating” the bug and while you wait for them to sort it out, they recommended that you use the catchily named Enhanced Mitigation Experience Toolkit to protect your computer.
Of course, this will be a massive ballache as you’ll invariably have to update the version of the operating system you’re using.
“As vulnerabilities go, this kind is the most serious as it allows remote execution of code,” said Rik Ferguson, senior security analyst at Trend Micro, “This means the attacker can run programs, such as malware, directly on the victim’s computer. It is highly reminiscent of a vulnerability at the same time two years ago which prompted several national governments to warn against using IE and to switch to an alternative browser.”