Independent security researcher, Yossi, has stated that Microsoft’s Skype is currently facing security issues. This problem could let hackers get users’ IP addresses by opening a message with a link. According to 404, this security problem lets hackers access people’s general location once said message is opened.
Following this, Microsoft stated that the problem was just patched after it was revealed that Skype could be vulnerable to a hacking attack. Yossi affirmed that the security flaw is serious, as it does not matter what site the link takes users to. To prove this, the researcher was able to access the IP addresses of users, even when a virtual private network (VPN) (which supposedly changes the location) was used.
About the issue, Microsoft stated that “closure of an IP address is not considered a security vulnerability on it’s [sic] own,” and later affirmed that the flaw “does not meet the definition of a security vulnerability” and it did not“require immediate servicing.”
404 Media later contacted Microsoft and the Washington-based company talked about the problem saying that it would handle it as “a future product update,” but it did not confirm any plan or specific date to fix it. As a result, hackers could still be exploiting the vulnerability until Microsoft decides to take action. Because of this, users’ information could potentially be released or exposed without people’s consent. As of now, Microsoft has not addressed the issue again.