![]() ![]() ![]() What doesn’t sound too bad in the beginning can be a real issue in the long run: if an attacker continuously spams messages with like 800 cat emotes into the chat the GUI basically becomes unusable for the user. 100 is a start, 400 is better, and according to the Sec-Consults 800 is the jackpot Skype for business will freeze for a few seconds while trying to render the chat window. All you have to do is basically spam an incredible amount of emotes into the chat. Using the exploit is as easy as pie – really. All previous versions are vulnerable as well. The vulnerability known as CVE-2018-8546 was discovered by Sec-Consults and affects Lync 2013 (15.0) 64-Bit which is part of Microsoft Office Professional Plus 2013 and Skype for Business 2016 MSO (16.0.93).64-Bit. It’s free, it’s easy to use, and also offers a Business version for companies, called Skype for Business, once known as Microsoft Lync.Īs most messengers it comes with an option to send emotes – which in this case also comes as its downfall: Spam too many of them (like 800 or so) and you will freeze the app. It’s one of the best known video chat messengers with several hundred million users worldwide. If you have family or friends that do not live around the corner but in another country or perhaps even on another continent, you probably know Skype.
0 Comments
Leave a Reply. |