February 2008

We’ve seen some instances where a chat message masquerading as a link to an image file instead leads to a piece of malware. The chat messages may look similar to this:

If you receive something like this through a Skype chat message, do not be alarmed. Instead, ignore it and block the sender. Do not click on the link or open the file that the link points to.

When executed, however, the Trojan downloader creates a Microsoft Studio Files folder in the Program Files directory, populating it with a copy of itself (lsass.exe) as well as a script file (vcdg.bat) that helps it bypass the Windows firewall. The program also changes the Windows registry to enable automatic execution upon Windows startup and to bypass the Windows firewall. Following these steps, the program downloads files into the infected system.

The Skype security team would like to remind users to keep their antivirus software updated and maintain a skeptical eye toward chat messages that don’t seem quite right and contain internet links, whether they appear to come from friends or total strangers.

We recently disabled the ability to use Skype’s Live tab to download clips from the Dailymotion and Metacafe video galleries. We took this step as a cautionary measure after security researchers found a vulnerability in Skype 3.5 and 3.6 for Windows that would have allowed an attacker to execute arbitrary code on a Skype user’s Windows PC without their consent.

As we said in our post on January 18, the measure would be temporary. That is, until an official fix to the vulnerability would be made available. We are pleased to report that the core vulnerability has now been addressed and a fix is included in the latest build of Skype for Windows, 3.6.0.248.

For those who have upgraded to the latest build, we have now re-enabled video downloads from both Dailymotion and Metacafe. Users of older versions of Skype for Windows will not be able to access these video galleries and will need to upgrade.

Last but not least, we’d like to encourage all users to frequently upgrade their version of Skype. This helps ensure that the Skype experience is safer and more enjoyable.