Home / Software & Gaming / Microsoft is building a new Skype client to circumvent system permissions bug

Microsoft is building a new Skype client to circumvent system permissions bug

Damien Mason February 14, 2018 Software & Gaming

Microsoft has confirmed that Skype is currently experiencing a security flaw that can endow attackers with system-level privileges, something which is often reserved for the operating system exclusively. Unfortunately for users of the communication platform, it looks like the company isn’t planning on fixing it at all, instead opting for an entirely new build.

Security researcher Ftefan Kanthak uncovered the bug, who explained that the issue is attributed to the Skype automatic update function which can be altered to trick the application into allocating permissions by drawing incorrect code.

“They've reviewed the code and were able to reproduce the issue, but have determined that the fix will be implemented in a newer version of the product rather than a security update,” explains Kanthak regarding his contact with Microsoft. “The team is planning on shipping a newer version of the client, and this current version will slowly be deprecated. The installer would need a large code revision to prevent DLL injection, but all resources have been put toward development of the new client.”

Microsoft has yet to reveal when it will roll out the new client, but it has addressed the issue in a statement to Engadget. “We have a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible. Our standard policy is that on issues of low risk, we remediate that risk via our Update Tuesday schedule.​”

Despite it sounding intimidating that someone can gain access to System permissions, it doesn’t seem that Microsoft is particularly concerned with the bug as the hacker would require physical access to the computer to perform the actions required. It is also only limited to the full Skype program on desktop, meaning users of the Universal Windows Platform (UWP) application should be fine.

KitGuru Says: It’s possible that Microsoft is lax on fixing the issue simply because this promotes its dreadful UWP app in a better light, but I still maintain that the desktop version is my preference despite the vulnerability. Do you still use Skype? What version do you use?

Become a Patron!

Tags

Check Also

Microsoft has reportedly teamed up with Asus for first ‘Xbox handheld’

Earlier this week, we learned more about Microsoft's plans for an Xbox handheld. Rather than …

© Copyright 2025, Kitguru.net All Rights Reserved Standard Terms

We've noticed that you are using an ad blocker.

Thank you for visiting KitGuru. Our news and reviews teams work hard to bring you the latest stories and finest, in-depth analysis.

We want to be as informative as possible – and to help our readers make the best buying decisions. The mechanism we use to run our business and pay some of the best journalists in the world, is advertising.

If you want to support KitGuru, then please add www.kitguru.net to your ad blocking whitelist or disable your adblocking software. It really makes a difference and allows us to continue creating the kind of content you really want to read.

It is important you know that we don’t run pop ups, pop unders, audio ads, code tracking ads or anything else that would interfere with the KitGuru experience. Adblockers can actually block some of our free content, such as galleries!