Updates can be a hole for hackers

03 August 2009

Security experts find a way

Two security experts from Israeli security firm Radware have worked out how to hijack the communications during the update process for Skype and other applications.

More than 100 of the world's most popular software applications are vulnerable to the problem, according to Itzik Kotler, team leader of Radware's security operations centre. Kotler and colleague Tomer Bitton are releasing a tool called Ippon, which means "game over" in Judo, that enables the attack and offers a 3D view of potential victims on a network.

Attackers can scan a Wi-Fi network for computers checking for new updates via HTTP. When the tool detects a computer sending a software update request, it replies before the application's update server responds. Ippon customizes its reply for the particular application and sends a message indicating that an update is available, even when the computer already has the most recent legitimate update. A malicious file is then downloaded from the attacker's server onto the victim's computer.

So far they have not determined whether Firefox or other major browsers are vulnerable. They say that Microsoft software is not vulnerable because it uses digital signatures in its update process. Kotler said that all software updates should use digital signatures, but the problem is that they don't. People should avoid doing software updates on public Wi-Fi networks too, he added.
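The race described above, where a forged reply arrives before the real update server's, leaves a trace a defender can look for: two different responses occupying the same TCP sequence range on one connection. The following detection sketch is an added example, not part of the original article or of the Ippon tool; the `Segment` record, the function name and the sample traffic are hypothetical and constructed for illustration.

```python
from collections import defaultdict, namedtuple

# Hypothetical record for one already-parsed TCP segment (server -> client).
Segment = namedtuple("Segment", "ts src sport dst dport seq payload")

def find_conflicting_responses(segments):
    """Return one alert per flow where overlapping TCP bytes disagree.

    A benign retransmission repeats the same bytes at the same sequence
    numbers. A forged reply that races the real server occupies the same
    sequence range with different content, so the overlap differs.
    Sequence-number wraparound is ignored to keep the example short.
    """
    seen = defaultdict(dict)   # flow -> {absolute seq position: (byte, ts)}
    alerts = {}
    for seg in sorted(segments, key=lambda s: s.ts):
        flow = (seg.src, seg.sport, seg.dst, seg.dport)
        for offset, byte in enumerate(seg.payload):
            pos = seg.seq + offset
            prior = seen[flow].get(pos)
            if prior is None:
                seen[flow][pos] = (byte, seg.ts)
            elif prior[0] != byte and flow not in alerts:
                alerts[flow] = {"flow": flow, "seq": pos,
                                "first_ts": prior[1], "second_ts": seg.ts}
    return list(alerts.values())

# Constructed sample traffic (documentation addresses, made-up payloads).
SERVER, CLIENT = "198.51.100.10", "192.0.2.25"
SAMPLE = [
    # Flow 1: two different answers at the same sequence number.
    Segment(1.000, SERVER, 80, CLIENT, 50001, 1000,
            b"HTTP/1.1 200 OK\r\n\r\n<update available='yes'/>"),
    Segment(1.040, SERVER, 80, CLIENT, 50001, 1000,
            b"HTTP/1.1 200 OK\r\n\r\n<update available='no'/>"),
    # Flow 2: ordinary retransmission, identical bytes.
    Segment(2.000, SERVER, 80, CLIENT, 50002, 5000, b"HTTP/1.1 304 Not Modified\r\n\r\n"),
    Segment(2.300, SERVER, 80, CLIENT, 50002, 5000, b"HTTP/1.1 304 Not Modified\r\n\r\n"),
]

if __name__ == "__main__":
    for alert in find_conflicting_responses(SAMPLE):
        print("conflicting responses on flow", alert["flow"], "at seq", alert["seq"])
```

Detection of this kind only flags the race after the fact; the signature check the article attributes to Microsoft's updater is what makes a forged reply harmless.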