Zero-day flaw in Skype
A critical flaw in Microsoft’s Skype web messaging and call service allows attackers to crash systems and execute code.This week, Vulnerability Lab security researcher Benjamin Kunz Mejri revealed the previously unknown vulnerability in a public security disclosure, saying the stack buffer overflow flaw, CVE-2017-9948, impacts Skype versions 7.2, 7.35, and 7.36. Granted a CVSS score of 7.2, the stack buffer overflow flaw is considered dangerous as it permits attackers to remotely crash the application with an unexpected exception error, to overwrite the active process registers, and to execute malicious code.