Microsoft fixes Skype account hijack issue

As we reported previously, a major security flaw was discovered earlier this morning on Microsoft's Skype VoIP service, which allowed anyone to obtain a Skype account password via email, and thus hijack any Skype account. Microsoft has now announced this issue has now been fixed.

In a post on the Skype Heartbeat blog, the company's Leonas Sendrauskas stated:

Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website. This issue affected some users where multiple Skype accounts were registered to the same email address. We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly. We are reaching out to a small number of users who may have been impacted to assist as necessary. Skype is committed to providing a safe and secure communications experience to our users and we apologize for the inconvenience.

Even though Skype and Microsoft have said they have fixed this particular exploit, we would definitely recommend that all Skype users change their passwords immediately just in case.

Source: Skype Heartbeat blog
Hacker keyboard button image via Shutterstock

Report a problem with article
Previous Story

Microsoft project puts Windows 8 on Facebook cover photos

Next Story

Windows Phone 7.8 features leaked in Nokia slide

7 Comments - Add comment