Critical execution code flaw of Electron: a security risk for Skype and WordPress applications

Share on facebook
Share on linkedin
Share on twitter
Share on email

Electron is an open-source framework that allows developers to create desktop applications such as JavaScript, HTML and CSS.

Regarding the vulnerability in the Electron Framework, it could have a direct impact on Skype, Signal, Slack, GitHub Desktop, Twitch, Visual Studio Code, Github Desktop and applications.

Hackers could execute code remotely

“A remote code execution vulnerability has been discovered affecting Electron applications that use custom protocol handlers, which has been assigned to the CVE-2018-1000006 CVE.” States the Electron team.

However, macOS and Linux users are not vulnerable to the problem.

A solution to avoid exploiting the vulnerability. 

“If you can not update your Electron version, you can add” – “as the last argument when calling app.setAsDefaultProtocolClient, which prevents Chromium from scanning other options. The double dash “-” means the end of the command options, after which only the position parameters are accepted, “explains Electron.

We invite you to update your application immediately to avoid any problems.

Subscribe to our newsletter

Get updates and learn from the analytics experts
  • Adobe Analytics and Google Analytics product updates
  • Sharing our digital analytics knowledge with developers and marketers
  • Keep you up to date with the Analytics community
  • Sharing industry best practices and standards

More To Explore

Adobe Analytics Cloud May 2021 Release - Devrun Digital Analytics Agency
Adobe Analytics

Adobe Analytics Cloud May 2021 Release

The Adobe Analytics Cloud is an innovative digital analytics solution for impactful data insights and audience management. It is updated every month to introduce new

Having question about your digital analytics?

Send us a message regarding your digital marketing!