skype 0day: pwning through messages

Every now and then I have to give reasons against something like Skype in the enterprise. Here’s a great reason why: 0day Skype messages. Wormable. (via @hdmoore)

The point is not to waggle fingers at Skype (though you could, since they’re closed and not very talkative), but to illustrate the risks inherent in any new technologies brought into the enterprise. (Not that I wouldn’t waggle fingers at Skype anyway, since I believe something like Skype wouldn’t be allowed to be so popular unless there were ways to tap into the voice streams.)