Skype reads out BIOS data

The Windows version of the video and telephony software Skype reads and stores the BIOS data of a users computer. As a hacker with the pseudonym Myria reports in a blog entry, once the software is launched it saves an executable file called 1.com in the user’s temporary folder. This file contains code that transmits the data found in the BIOS address area of the application to be launched. It is not yet clear what the Skype software does with the data, which may contain, among other things, the motherboard serial number. The mysterious .com file was only noticed because of an error message that Skype outputs when it is launched on systems running on 64-bit versions of Windows. 64-bit versions lack the “NT Virtual DOS Machine” (NTVDM), which allows direct access to BIOS memory pages and is required to execute the program. Since myria’s blog entry is dated February the 6th 2007 presumably Skype added the BIOS reading code to their applications relatively recently. read more?