Skip to main content

Skype for Android update plugs info hole

Skype has updated its Android app to fix a vulnerability that left the personal details of its 10 million users open to attack.

The flaw, which was unearthed by Android developer Andrew Case last week, allowed a maliciously-crafted rogue app to uncover privately-stored information including name, date of birth, postal address, telephone numbers and email addresses.

The new version of the Skype app v1.0.0.983, which is available in the Android Market now, changes the permissions of the databases that hold this information, blocking the exploit.

The exploit was originally discovered in a leaked video version of the app which has yet to be patched - so using it before the official version is released is probably not a great idea.

The update also adds 3G calling in the US.