Skype For Business brought down by the Kitten of Doom Emoji Attack

Crash Skype for Business by sending a large number of emojis 800+ kittens in one message and the client freezes the program for a few seconds. This can be exploited to perform Denial of Service attacks against Skype for Business users and compromises the availability of the program.

How would an attacker go about performing this attack? Well its quite simple, the attacker can continuously send many messages to the chat window and it will freeze the program for all participants in the meeting room and prevent them from using the chat or seeing the video.

Kitten of Doom
Kitten of Doom

 Are you affected?

You could send yourself a few hundred emojis and see if your client freezes but we wouldn’t recommend it. Plus, there is an easier way. Just check if your client is one of these:

  • Skype for Business 2016 MSO (16.0.93).64-Bit or before
  • Lync 2013 (15.0) 64-Bit part of Microsoft Office Professional Plus 2013 or before
  • Running on Windows

How to fix it

Please install the latest patch supplied by Microsoft and make sure your system is up to date, in general. Spread this article with people in your network, so they know about it too:

Leave a Comment

Stay Informed

Receive instant notifications when new content is released.