 |
Florian Kunushefci is the 19-year-old from Kosovo who has managed to find a weakness in Skype, and then contacted Microsoft to eliminate this vulnerability.
An error in Skype could give access to Android phones by bypassing the code, in this way different data could be used such as photos, contacts, and even open some browser windows.Kunushefci told Kosovo media that he had contacted Microsoft that has already eliminated the problem.
"The weakness I first reported on October 22 in Microsoft and I received the first response on October 23rd. The reported weakness has taken time until it is adjusted and on December 23 this weakness no longer exists," said Kunushefci.
He shows how discovered this weakness.
"Since I'm a Skype user while I was working with, I had a feeling that something was wrong with an app feature that provided me with more features than I needed. After I've noticed this I started to think differently from a simple user, where after that I've researched and found that I can access the part where Android 'authentication is required."
He points out that this vulnerability is a Skype problem, while is waiting to be rewarded with the "Hall of Fame".
"I think that this vulnerability is more relevant to Skype, as no security measures are foreseen for accessing parts of the application during the application construction. I have reported this weakness to Microsoft and I expecd to be rewarded with 'Hall of Fame' by mid-January among other hackers who have also reported on Skype," he said.
Below you can see a video that demonstrates this vulnerability: