
Skype Security Blog: Security Vulnerability in Mac Client Has Been Addressed - bradleyland
http://blogs.skype.com/security/2011/05/security_vulnerability_in_mac.html
======
loganlinn
_As there were no reports of this vulnerability being exploited in the wild,
we did not prompt our users to install this update_

I don't think that qualifies as logical risk management. To me, it's like
saying, "I haven't been in a car wreck so far, so I wont use my seat belt".

~~~
wglb
My dad has a saying like that. "Tires are like insurance. When you need it, it
is too late."

------
moe
It is not addressed until they release a fix for Skype 2.8 or explain that it
is not affected.

Every Mac user I know is still running 2.8 and avoiding Skype5 like the plague
because of the broken interface.

~~~
bradleyland
2.8 is not affected. Straight from a Skype PR rep:

<https://twitter.com/#!/chaimhaas/status/66652911769354240>

"chaimhaas: @bradleyland @skype Nope, Skype 2.x does not have this
vulnerability."

There was speculation that the vuln might have been introduced with the
changes to the rendering engine used in Skype 5. It appears that this might be
the case.

------
abraham
I'm running v5.1.0.914 but when I "click on Skype -> Check for Updates" I get
notified there is "no new updates".

~~~
philfreo
Same here. And their blog's "leave a comment" button is broken...

------
ballard
Skype download site currently has 5.1.0.922 (20.2 MB) sha1:
8656569894e7b5146e25746b664b687b3c295d80

[http://www.skype.com/intl/en-us/get-skype/on-your-
computer/m...](http://www.skype.com/intl/en-us/get-skype/on-your-
computer/macosx/downloading/)

