Skype Password Reset Flaw Allows Hijacking of User Account
Microsoft, who acquired Skype last year, had to temporarily disable Skype.com Reset Password page due to the fact that, a user’s account could be taken over by someone who knows the e-mail address associated with their Skype account. The flaw was reported on a Russian website a few months but, Microsoft said they were notified earlier this morning of the flaw.
They have made changes to the password reset process and the reset password page is now working properly.
The flaw allowed multiple Skype accounts to be registered with the same e-mail address. If someone knows the e-mail address associated with your Skype account, that person could register a new Skype account with it and take control of your account (hijack) by using the password reset page to change your password.
Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.
Note: Some of the information in samples on this website may have been impersonated or spoofed.