This article is an automated machine-translation of an article in English. We know the translation isn't perfect, but we hope it's useful for people who don't read English.

警告说,严重的安全问题 - Skype用户帐户可以轻松劫持

Filed Under: Featured, Microsoft, Privacy, Vulnerability

Skype一个严重的安全问题已经被发现在Skype,这让黑客劫持账户只知道用户的电子邮件地址。

下一个Web介绍了,如何重现攻击,访问Skype帐户的工作人员,只知道他们的电子邮件地址,然后改变他们的“受害者”,把他们的密码。

根据下一个Web:

“这个工程的原因很简单,但它的仍然令人担忧。当你使用现有的电子邮件地址与Skype签署再次,在服务电子邮件您提醒您的用户名,这是正常的,因为没有人应该有访问您的电子邮件。不幸的是,因为这种方法使你能够得到一个重设密码令牌发送到Skype应用程序本身,这使得第三方赎回,并声称拥有你原来的用户名和帐户。“

据报道,俄罗斯论坛上记录的问题几个月前,和似乎是容易被利用。

Skype已暂时停用Skype帐户密码重置的报告作出回应,并发表了一份简短的咨询用户:

Skype acknowledges there is a possible problem

“我们有一个新的安全漏洞问题的报告。作为预防措施,我们已暂时停用密码重置,我们将继续进一步调查这个问题。我们带来的不便表示歉意,但用户体验和安全是我们的首要任务”

出于安全原因,在过去,微软拥有的Skype已经成了头条新闻。例如,今年早些时候被指控的缓慢修复一个安全漏洞 ,可能会允许Skype用户的信息,包括受害者的城市,国家,互联网服务提供商和IP地址收集。

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.