Emil Protalinski for The Next Web â€“ Security hole allows anyone to hijack your Skype account using only your email address:
We reproduced the attack, step-by-step, and managed to access theÂ Skype accounts of TNW writer (with permission) Josh Ong (as well as editor Matt Brian to verify again) with only their email addresses. Essentially, that email address is used to create a new account with your own email address tied to it. Then, minus a couple of key steps, you can use a password reset token to gain access to your targetâ€™s account.
You better change your email to an address nobody knows. Hint: Gmail supports the + operator in addresses. So email@example.com arrives at firstname.lastname@example.org.
The Verge reports that Microsoft is disabling password resets.