Skype can't fix a nasty security bug without a massive code rewrite

Skype can't fix a nasty security bug without a massive code rewrite-zdnet.com
The bug grants a low-level user access to every corner of the operating system.

A security flaw in Skype's updater process can allow an attacker to gain system-level privileges to a vulnerable computer.

The bug, if exploited, can escalate a local unprivileged user to the full "system" level rights -- granting them access to every corner of the operating system.​

But Microsoft, which owns the voice- and video-calling service, said it won't immediately fix the flaw, because the bug would require too much work.

 

No wonder there hasn't been a Skype update for over a month The Micro$h4ft clowns have not an idea of how to proceed

Skype user =

 

The MSI Installer of Skype which is the lean and clean version with no toolbars, extensions, and minimal to no ads if you know what to put in your HOSTS file is now gone, if you click on the link which used to download the latest version, now it only gives you the option to get the crippled Skype from Windows store which is garbage, I've had a user before who couldn't even see or accept my invitation because he was using the Windows Store Skype not knowing it's crippled and that there is an actual Windows for Desktop Skype~

OLD MSI Installer for SKYPE RIP = http://www.skype.com/go/getskype-msi

 

Hey, give Microsoft a break - they're too busy destroying the Windows platform to bother fixing such a security flaw.

 

Thurrott: Stop the relentless release of new Windows versions
Posted on February 12th, 2018 at 10:23 woody Comment on the AskWoody Lounge
Another great post in (paywalled) Thurrott.com premium:

Apple will slow down the addition of new features to iOS in order to focus on quality. This is exactly the strategy that Microsoft needs to adopt. In fact, it’s years overdue.

Amen, bro.

One little observation. Paul says that Microsoft will soon be forced into a three-year support cycle and “at that point, we’re pretty much back to where we started.” Which is correct, but there’s a subtlety: When Windows as a Service gets out to three years of support, there will be six (or more!) versions of Win10 being supported.​

We’re already on two years with 1511, 1607, 1703 and 1709.

Version Released End of service Days
Home/Pro Ent/ Ed for Ent
Win10 1709 17-Oct-17 9-Apr-19 8-Oct-19 721
Win10 1703 5-Apr-17 9-Oct-18 9-Apr-19 734
Win10 1607 2-Aug-16 10-Apr-18 9-Oct-18 798
Win10 1511 10-Nov-15 10-Oct-17 10-Apr-18 882
Win10 1507 9-Jul-15 9-May-17 670
Microsoft’s digging itself into a support nightmare even worse than the one we have today.

Maybe Micro$haft should follow Apple on this as well? They have already stolen all of their clothes so far. So why not?

 

Microsoft Won't Patch a Severe Skype Vulnerability Anytime Soon
https://thehackernews.com/2018/02/hacking-skype.html

 

I just updated to Skype desktop app using Win 8 compatibility because UWP app didn't work at all.

 

Earlier this week, details of a serious security gap in Skype appeared. This was related to the software update client and allowed hackers to control the infected system by tricking the program to load malicious DLL files.
Stefan Kanthak, who discovered the security hole, drew Microsoft attention to the problem, but then received the answer that they will not put resources to remedy it.

However, Microsoft now announces that the security hole was fixed as with Skype version 8, released in October 2017.
The security hole is in version 7.40 and earlier of Skype, and the company has now removed it from its website. They tell everyone that updated to the latest version of Skype is already safe when it comes to intrusion using the newly discovered method.
​

Microsoft also confirms that the security hole was related to Skype's update client, not the software itself. When discovered, they reported that they are working on a brand new version of Skype, and earlier data tells that this will merge with the company's chat client teams.

Update on Skype for Windows desktop installer – version 7.40 and lower

 

Download Skype Desktop App and use W8 compatibility mode to install on W10 because it recommends UWP app which doesn't work correctly.

 

Microsoft has decided to extend support for Skype 7.x