{"uuid": "6e915dbc-e95b-4226-bae4-4acae0a040e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-1000006", "type": "seen", "source": "https://t.me/itsecalert/86", "content": "\u26a0\ufe0f Signal, Skype, Slack, Rot, Keeper and all other  Electron apps contain a remote code execution vulnerability. Electron released a fix.\n\n* Affected Desktop apps: Signal, Skype, Slack, Rot, Keeper (and many others - see https://yt.gl/electronapps)\n* Electron Apps with default prtocol handler (like myapp:// ) are vulnerable \n* The devlopers should generate an update asap\n\nAdvice: Do not click on any untrusted links. Do not allow webpages to open electron desktop apps.\n\nIf you develop (!) Electron Apps, please update to the newest versions: 1.8.2-beta.4, 1.7.11 and 1.6.16 and send an update to your customers. \nSkype (newest version) and slack (3.0.3) are already fixed.\n\"Full\" list of all Electron Apps: https://yt.gl/electronapps\n\nmacOS and Linux are not vulnerable to this issue.\nCVE-2018-1000006 \n(Severity: \ud83d\udd38 high ) More Info: https://yt.gl/p0xta\n#alert #severityhigh #electron #windows\n\nThanks to @JonasMuc and @CyborgRel from the @itsectalk admin team for reporting and gathering information on this vulernability. Please forward the info to the team responsible for updating desktop apps!", "creation_timestamp": "2018-01-24T21:13:37.000000Z"}