Feb 142018
 February 14, 2018  Posted by  Breaches, Business, Healthcare

Normally, something about a Skype vulnerability might be posted over on DataBreaches.net instead of this site, but because therapists may use Skype for online therapy or to communicate with patients, I thought maybe I’d post this one here. Swati Khandelwal writes:

A serious vulnerability has been discovered in Microsoft-owned most popular free web messaging and voice calling service Skype that could potentially allow attackers to gain full control of the host machine by granting system-level privileges to a local, unprivileged user.

The worst part is that this vulnerability will not be patched by Microsoft anytime soon.

Read more on The Hacker News.

Whether Skype is HIPAA-compliant is something that continues to be debated, and I don’t feel qualified to offer any technical or legal opinion on that question, although as I mentioned on Twitter recently, if your choice is whether to absorb some risk or the patient doesn’t get any therapy and has no options, well, it’s worth considering. And as attorney Matt Fisher commented, some of the issue can be addressed by informing the patient of possible risks, and then allowing the patient to make an informed decision.



  2 Responses to “Microsoft Won’t Patch a Severe Skype Vulnerability Anytime Soon”

  1. I actually think it is a great idea. I think this is a great example in how modern technology devices can work in a positive direction in medical/HIPAA related areas. If the kinks of some vulnerabilities can be flushed out, it can be considered an excellent idea.
    It is always best to speak with or see people directly. At least with Skype, you are not exactly in the same room, but at least the parties are seeing each other where they can also observe and pick up on body mannerisms and facial expressions.

    Also is everything ok? The other blog site has “comments off at this time” for the most recent blog posts you are putting up. Is everything ok? One site has comments off and the other site doesn’t

  2. I’ve been experimenting with blocking comments due to a harasser/stalker situation.

Sorry, the comment form is closed at this time.