{"id":766,"date":"2018-02-15T14:54:03","date_gmt":"2018-02-15T19:54:03","guid":{"rendered":"https:\/\/www.baronsoftware.com\/Blog\/?p=766"},"modified":"2018-02-15T14:54:03","modified_gmt":"2018-02-15T19:54:03","slug":"skype-cant-fix-nasty-security-bug-without-massive-code-rewrite","status":"publish","type":"post","link":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/","title":{"rendered":"Skype nasty security bug without a massive code rewrite"},"content":{"rendered":"

\"\"<\/h3>\n

Skype nasty security bug without a massive code rewrite<\/h3>\n

There is a major flaw or simply a bug within the Skype application during the update process.\u00a0 The security of your system can allow an attacker to gain system-level privileges to a vulnerable computer.<\/p>\n

You can review the comments by clicking this link\u00a0Skype’s home-grown updater allows escalation of privilege to SYSTEM<\/b><\/a><\/p>\n

In simple terms the bug can allow an unprivileged user to the full SYSTEM level rights thus granting them access to every corner of the operating system.\u00a0 \u00a0Microsoft, which owns the voice and video-calling service, said it will not fix the flaw any time soon since the bug would require too much work and man-time.<\/p>\n

Possible turning off Skype updates<\/a><\/p>\n

Bug located by security Kanthak<\/h4>\n

Security researcher Stefan Kanthak found that the Skype update installer could be exploited\u00a0with a DLL hijacking technique, which allows an attacker to trick an application into drawing malicious code instead of the correct library. An attacker can download a malicious DLL into a user-accessible temporary folder and rename it to an existing DLL that can be modified by an unprivileged user, like UXTheme.dll. The bug works because the malicious DLL is found first when the app searches for the DLL it needs.<\/p>\n

Once installed, Skype uses its own built-in updater to keep the software up to date. When that updater runs, it uses another executable file to run the update, which is vulnerable to the hijacking.<\/p>\n

What is UXTheme.dll ?<\/h4>\n

UXtheme.dll is a module associated with Microsoft\u00ae Windows\u00ae Operating System from Microsoft Corporation. Non-system processes like uxtheme.dll originate from software you installed on your system.<\/p>\n

Quote from Kanthak<\/h5>\n
An unprivileged (local) user who is able to place UXTheme.dll or\r\nany of the other DLLs loaded by the vulnerable executable in\r\n%SystemRoot%\\Temp\\ gains escalation of privilege to the SYSTEM\r\naccount.<\/pre>\n","protected":false},"excerpt":{"rendered":"
Skype nasty security bug without a massive code rewrite There is a major flaw or simply a bug within the Skype application during the update process.\u00a0 The security of your system can allow an attacker to gain system-level privileges to a vulnerable computer. You can review the comments by clicking this link\u00a0Skype’s home-grown updater allows […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rop_custom_images_group":[],"rop_custom_messages_group":[],"rop_publish_now":"initial","rop_publish_now_accounts":[],"rop_publish_now_history":[],"rop_publish_now_status":"pending","_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[4,3],"tags":[15,155,156,157,158],"class_list":["post-766","post","type-post","status-publish","format-standard","hentry","category-microsoft-development","category-software-events","tag-microsoft","tag-skype","tag-software-bug","tag-updater","tag-uxtheme-dll"],"yoast_head":"\nSkype nasty security bug without a massive code rewrite - Baron Software<\/title>\n<meta name=\"description\" content=\"There is a major flaw or simply a bug within the Skype application during the update process.\u00a0 The security of your system can allow an attacker to gain system-level privileges to a vulnerable computer.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Skype nasty security bug without a massive code rewrite\" \/>\n<meta property=\"og:description\" content=\"There is a major flaw or simply a bug within the Skype application during the update process.\u00a0 The security of your system can allow an attacker to gain system-level privileges to a vulnerable computer.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/\" \/>\n<meta property=\"og:site_name\" content=\"Baron Software\" \/>\n<meta property=\"article:published_time\" content=\"2018-02-15T19:54:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i1.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/BaronSoftwareLogo_2018.fw_-1.png?fit=492%2C98&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"492\" \/>\n\t<meta property=\"og:image:height\" content=\"98\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"richard@baronsoftware.com\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Skype nasty security bug without a massive code rewrite\" \/>\n<meta name=\"twitter:description\" content=\"There is a major flaw or simply a bug within the Skype application during the update process.\u00a0 The security of your system can allow an attacker to gain system-level privileges to a vulnerable computer.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/i0.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/BaronSoftwareLogo_2018.fw_-1.png?fit=492%2C98&ssl=1\" \/>\n<meta name=\"twitter:creator\" content=\"@Rbaroniunas\" \/>\n<meta name=\"twitter:site\" content=\"@Rbaroniunas\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"richard@baronsoftware.com\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/\"},\"author\":{\"name\":\"richard@baronsoftware.com\",\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/#\\\/schema\\\/person\\\/079d370e4230be9d5f75885bb33dd8cd\"},\"headline\":\"Skype nasty security bug without a massive code rewrite\",\"datePublished\":\"2018-02-15T19:54:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/\"},\"wordCount\":287,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/BaronSoftwareLogo_2018.fw_-1.png\",\"keywords\":[\"Microsoft\",\"Skype\",\"Software Bug\",\"Updater\",\"UXTheme.DLL\"],\"articleSection\":[\"Microsoft Development\",\"Software Events\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/\",\"url\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/\",\"name\":\"Skype nasty security bug without a massive code rewrite - Baron Software\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/BaronSoftwareLogo_2018.fw_-1.png\",\"datePublished\":\"2018-02-15T19:54:03+00:00\",\"description\":\"There is a major flaw or simply a bug within the Skype application during the update process.\u00a0 The security of your system can allow an attacker to gain system-level privileges to a vulnerable computer.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/www.baronsoftware.com\\\/Blog\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/BaronSoftwareLogo_2018.fw_-1.png?fit=492%2C98&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/www.baronsoftware.com\\\/Blog\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/BaronSoftwareLogo_2018.fw_-1.png?fit=492%2C98&ssl=1\",\"width\":492,\"height\":98},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Skype nasty security bug without a massive code rewrite\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/#website\",\"url\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/\",\"name\":\"Baron Software\",\"description\":\"Highest Quality Software Developed.\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/#organization\",\"name\":\"Baron Software\",\"url\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i2.wp.com\\\/www.baronsoftware.com\\\/Blog\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/BaronSoftwareLogo.fw_.png?fit=1920%2C400&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i2.wp.com\\\/www.baronsoftware.com\\\/Blog\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/BaronSoftwareLogo.fw_.png?fit=1920%2C400&ssl=1\",\"width\":1920,\"height\":400,\"caption\":\"Baron Software\"},\"image\":{\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/Rbaroniunas\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.baronsoftware.com\\\/Blog\\\/#\\\/schema\\\/person\\\/079d370e4230be9d5f75885bb33dd8cd\",\"name\":\"richard@baronsoftware.com\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e5a3cc457a883c420e8af899f2639359d220ae6bfed4587ca7ed17f45ca0c21c?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e5a3cc457a883c420e8af899f2639359d220ae6bfed4587ca7ed17f45ca0c21c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e5a3cc457a883c420e8af899f2639359d220ae6bfed4587ca7ed17f45ca0c21c?s=96&d=mm&r=g\",\"caption\":\"richard@baronsoftware.com\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Skype nasty security bug without a massive code rewrite - Baron Software","description":"There is a major flaw or simply a bug within the Skype application during the update process.\u00a0 The security of your system can allow an attacker to gain system-level privileges to a vulnerable computer.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/","og_locale":"en_US","og_type":"article","og_title":"Skype nasty security bug without a massive code rewrite","og_description":"There is a major flaw or simply a bug within the Skype application during the update process.\u00a0 The security of your system can allow an attacker to gain system-level privileges to a vulnerable computer.","og_url":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/","og_site_name":"Baron Software","article_published_time":"2018-02-15T19:54:03+00:00","og_image":[{"width":492,"height":98,"url":"https:\/\/i1.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/BaronSoftwareLogo_2018.fw_-1.png?fit=492%2C98&ssl=1","type":"image\/png"}],"author":"richard@baronsoftware.com","twitter_card":"summary_large_image","twitter_title":"Skype nasty security bug without a massive code rewrite","twitter_description":"There is a major flaw or simply a bug within the Skype application during the update process.\u00a0 The security of your system can allow an attacker to gain system-level privileges to a vulnerable computer.","twitter_image":"https:\/\/i0.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/BaronSoftwareLogo_2018.fw_-1.png?fit=492%2C98&ssl=1","twitter_creator":"@Rbaroniunas","twitter_site":"@Rbaroniunas","twitter_misc":{"Written by":"richard@baronsoftware.com","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/#article","isPartOf":{"@id":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/"},"author":{"name":"richard@baronsoftware.com","@id":"https:\/\/www.baronsoftware.com\/Blog\/#\/schema\/person\/079d370e4230be9d5f75885bb33dd8cd"},"headline":"Skype nasty security bug without a massive code rewrite","datePublished":"2018-02-15T19:54:03+00:00","mainEntityOfPage":{"@id":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/"},"wordCount":287,"commentCount":0,"publisher":{"@id":"https:\/\/www.baronsoftware.com\/Blog\/#organization"},"image":{"@id":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/#primaryimage"},"thumbnailUrl":"https:\/\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/BaronSoftwareLogo_2018.fw_-1.png","keywords":["Microsoft","Skype","Software Bug","Updater","UXTheme.DLL"],"articleSection":["Microsoft Development","Software Events"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/","url":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/","name":"Skype nasty security bug without a massive code rewrite - Baron Software","isPartOf":{"@id":"https:\/\/www.baronsoftware.com\/Blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/#primaryimage"},"image":{"@id":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/#primaryimage"},"thumbnailUrl":"https:\/\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/BaronSoftwareLogo_2018.fw_-1.png","datePublished":"2018-02-15T19:54:03+00:00","description":"There is a major flaw or simply a bug within the Skype application during the update process.\u00a0 The security of your system can allow an attacker to gain system-level privileges to a vulnerable computer.","breadcrumb":{"@id":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/#primaryimage","url":"https:\/\/i0.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/BaronSoftwareLogo_2018.fw_-1.png?fit=492%2C98&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/BaronSoftwareLogo_2018.fw_-1.png?fit=492%2C98&ssl=1","width":492,"height":98},{"@type":"BreadcrumbList","@id":"https:\/\/www.baronsoftware.com\/Blog\/skype-cant-fix-nasty-security-bug-without-massive-code-rewrite\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.baronsoftware.com\/Blog\/"},{"@type":"ListItem","position":2,"name":"Skype nasty security bug without a massive code rewrite"}]},{"@type":"WebSite","@id":"https:\/\/www.baronsoftware.com\/Blog\/#website","url":"https:\/\/www.baronsoftware.com\/Blog\/","name":"Baron Software","description":"Highest Quality Software Developed.","publisher":{"@id":"https:\/\/www.baronsoftware.com\/Blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.baronsoftware.com\/Blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.baronsoftware.com\/Blog\/#organization","name":"Baron Software","url":"https:\/\/www.baronsoftware.com\/Blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.baronsoftware.com\/Blog\/#\/schema\/logo\/image\/","url":"https:\/\/i2.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/01\/BaronSoftwareLogo.fw_.png?fit=1920%2C400&ssl=1","contentUrl":"https:\/\/i2.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/01\/BaronSoftwareLogo.fw_.png?fit=1920%2C400&ssl=1","width":1920,"height":400,"caption":"Baron Software"},"image":{"@id":"https:\/\/www.baronsoftware.com\/Blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/Rbaroniunas"]},{"@type":"Person","@id":"https:\/\/www.baronsoftware.com\/Blog\/#\/schema\/person\/079d370e4230be9d5f75885bb33dd8cd","name":"richard@baronsoftware.com","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/e5a3cc457a883c420e8af899f2639359d220ae6bfed4587ca7ed17f45ca0c21c?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e5a3cc457a883c420e8af899f2639359d220ae6bfed4587ca7ed17f45ca0c21c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e5a3cc457a883c420e8af899f2639359d220ae6bfed4587ca7ed17f45ca0c21c?s=96&d=mm&r=g","caption":"richard@baronsoftware.com"}}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p2e6qU-cm","jetpack-related-posts":[{"id":772,"url":"https:\/\/www.baronsoftware.com\/Blog\/microsoft-outlook-affected-spectre-meltodown-bug\/","url_meta":{"origin":766,"position":0},"title":"Microsoft Outlook could be affected by the Spectre-Meltdown bug","author":"richard@baronsoftware.com","date":"February 16, 2018","format":false,"excerpt":"Microsoft Outlook could be affected by the Spectre-Meltdown bug The February updates address security flaws in Internet Explorer, Edge, Microsoft's ChakraCore JavaScript engine, Windows, and Office. Two worrying bugs fixed this month affected Outlook. One, a memory-corruption flaw, identified as CVE-2018-0852, could allow an attacker to run arbitrary code.\u00a0 \u00a0Microsoft\u2026","rel":"","context":"In "Microsoft Development"","block_context":{"text":"Microsoft Development","link":"https:\/\/www.baronsoftware.com\/Blog\/category\/microsoft-development\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/cropped-BaronSoftwareLogo_2018.fw_-1.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":808,"url":"https:\/\/www.baronsoftware.com\/Blog\/latest-utorrent-bug-can-control-computer-steal-downloads\/","url_meta":{"origin":766,"position":1},"title":"Latest uTorrent bug can control your computer to steal downloads","author":"richard@baronsoftware.com","date":"February 24, 2018","format":false,"excerpt":"Latest uTorrent bug can control your computer to steal downloads Two versions of uTorrent, one of the Internet's most widely used BitTorrent apps, have easy to exploit vulnerabilities that allow attackers to execute code, access downloaded files, and snoop on download histories recently discovered by a Google researcher. uTorrent developers\u2026","rel":"","context":"In "News Items"","block_context":{"text":"News Items","link":"https:\/\/www.baronsoftware.com\/Blog\/category\/news-items\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/cropped-BaronSoftwareLogo_2018.fw_-1-300x62.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":874,"url":"https:\/\/www.baronsoftware.com\/Blog\/meltdown-patch-opened-bigger-security-hole-on-windows-7\/","url_meta":{"origin":766,"position":2},"title":"Meltdown Patch Opened Bigger Security Hole on Windows 7","author":"richard@baronsoftware.com","date":"April 1, 2018","format":false,"excerpt":"Meltdown Patch Opened Bigger Security Hole on Windows 7 Microsoft's Meltdown patch has opened an even bigger security hole on Windows 7, allowing any user-level application to read content from the operating system's kernel, and even write data to kernel memory. Swedish IT security expert Ulf Frisk made the discovery\u2026","rel":"","context":"In "Microsoft Development"","block_context":{"text":"Microsoft Development","link":"https:\/\/www.baronsoftware.com\/Blog\/category\/microsoft-development\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/cropped-BaronSoftwareLogo_2018.fw_-1-300x62.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":815,"url":"https:\/\/www.baronsoftware.com\/Blog\/npm-update-crashes-linux-systems-cases-forces-reinstallation\/","url_meta":{"origin":766,"position":3},"title":"NPM Update Crashes Linux Systems and in some cases forces re-installation","author":"richard@baronsoftware.com","date":"March 1, 2018","format":false,"excerpt":"NPM Update Crashes Linux Systems and in some cases forces re-installation A bug in npm (Node Package Manager), the most widely used JavaScript package manager, will change ownership of crucial Linux system folders, such as \/etc, \/usr, \/boot.\u00a0 \u00a0Changing ownership of these files either crashes the system, various local apps,\u2026","rel":"","context":"In "Software Releases"","block_context":{"text":"Software Releases","link":"https:\/\/www.baronsoftware.com\/Blog\/category\/software-releases\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/cropped-BaronSoftwareLogo_2018.fw_-1-300x62.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":278,"url":"https:\/\/www.baronsoftware.com\/Blog\/fixinsight-delphi-2016-03-released\/","url_meta":{"origin":766,"position":4},"title":"Fixinsight for Delphi 2016.03 released!","author":"richard@baronsoftware.com","date":"April 2, 2016","format":false,"excerpt":"Fixinsight for Delphi 2016.03 released! What's New Introduced rule W529 (\"Should be 'raise' instead of 'raise object'?\") Rule O802 now works in entire project scope Added buttons 'Save as Default' and 'Load Defaults' to FixInsight Settings window Improved parser Minor fixes When working with software there will be software bugs\u2026","rel":"","context":"In "Rad Studio Delphi Development"","block_context":{"text":"Rad Studio Delphi Development","link":"https:\/\/www.baronsoftware.com\/Blog\/category\/rad-studio-embarcadero-delphi-development\/"},"img":{"alt_text":"Fixinsight","src":"https:\/\/i0.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2016\/04\/FixinsightLogo.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":751,"url":"https:\/\/www.baronsoftware.com\/Blog\/iphone-source-code-ios-9-leaked-github\/","url_meta":{"origin":766,"position":5},"title":"iPhone Source Code From iOS 9 Leaked on Github","author":"richard@baronsoftware.com","date":"February 10, 2018","format":false,"excerpt":"iPhone Source Code From iOS 9 Leaked on Github \u00a0 It seems poor old Apple has run into some serious issues in the last few months where the first thing was a poor battery forcing the iOS to be slowed down, followed by a bug that allowed anyone to change\u2026","rel":"","context":"In "Computer PC Tips - bits and bytes"","block_context":{"text":"Computer PC Tips - bits and bytes","link":"https:\/\/www.baronsoftware.com\/Blog\/category\/pc-tips-bits-bytes\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.baronsoftware.com\/Blog\/wp-content\/uploads\/2018\/02\/Apple.jpeg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.baronsoftware.com\/Blog\/wp-json\/wp\/v2\/posts\/766","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.baronsoftware.com\/Blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.baronsoftware.com\/Blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.baronsoftware.com\/Blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.baronsoftware.com\/Blog\/wp-json\/wp\/v2\/comments?post=766"}],"version-history":[{"count":1,"href":"https:\/\/www.baronsoftware.com\/Blog\/wp-json\/wp\/v2\/posts\/766\/revisions"}],"predecessor-version":[{"id":767,"href":"https:\/\/www.baronsoftware.com\/Blog\/wp-json\/wp\/v2\/posts\/766\/revisions\/767"}],"wp:attachment":[{"href":"https:\/\/www.baronsoftware.com\/Blog\/wp-json\/wp\/v2\/media?parent=766"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.baronsoftware.com\/Blog\/wp-json\/wp\/v2\/categories?post=766"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.baronsoftware.com\/Blog\/wp-json\/wp\/v2\/tags?post=766"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}