
Bug in Skype Lands Conversations in Wrong Windows

IM provider Skype appears to have made a major privacy error yesterday, which may have unforeseen consequences for its users. According to multiple support requests on the Skype forums, instant messages have either failed to be delivered or, even worse, have been delivered to random Skype users.


“Messages sent by one contact (2 lines out of a hundred or so) were sent to another contact of mine. These 2 contacts are not connected on Skype. The 2 IMs appeared to be sent by me, so the other contact asked me if I sent them by mistake,” wrote one customer on the Skype support forum.

Skype has confirmed the existence of this bug in an official statement. It appears the glitch only occurs when the Skype application crashes while a session is established. This causes the message sent just prior to the crash to be delivered to a random contact.

“This issue occurs only when a user’s Skype client crashes during a Skype IM session, which may in some cases result in the last IM entered or sent prior to the crash being delivered to a different IM contact after the Skype client is rebooted or logged in as a new user,” Leonas Sendrauskas, Web QA engineer at Skype, said in a blog post.

The company can’t estimate the number of affected customers, but, since the bug only manifests when the application crashes, the company believes few customers have been impacted. However, Skype is not only used by end-users, but is also a means of internal or external communication within companies, where data disclosure could have a different impact.

Skype is currently preparing a hotfix to address the issue and advises its customers to update as soon as it becomes available.

About the author

Bogdan BOTEZATU

Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.