Skype disables password resets over big security flaw2012-11-14 09:06 by DanielaTags: Skype, security
Skype has disabled the account password reset option on its website following reports that the feature can be abused to hijack Skype accounts if the attackers know the email addresses associated with them. Due to this vulnerability, it's possible for a hacker to sign up to Skype for a new account using the same email address as the target. The hacker can then reset the password, not just for that account, but for all accounts with that email address.
The problem was first documented on a Russian forum two months ago. The people who uncovered the flaw reportedly told Skype about it, but the company apparently failed to address the matter until now. Read more -here-
Post your review/comments
rate:
avg:
|