The flaws include a buffer overflow that could be used to direct users to a specially crafted URL, a flaw in the handling of VCARD information that could allow a system takeover, and a heap-based buffer overflow that could be used to crash the VoIP application.
British security testing specialist Pentest said that the flaws took a week to fix. Its researchers found the flaws on 18 October and reported it to Skype, which released an upgrade last night.
The flaws affect all versions of Skype prior to version 1.4.83 and affect the Windows, Linux, Mac and Pocket PC platform code.
The patched version of Skype is available for download here.
Addison Lee is working on autonomous taxis for commuting and pleasure
IBM and Technical University of Munich team demonstrate how Shor's algorithm, which can't be cracked by conventional computers, can be solved quickly with quantum computing
Hubble Space Telescope finds superflares from young red dwarfs could strip away planetary atmosphere
Younger stars are 100 to 1,000 times more energetic than when they're older
Two of the big four supermarkets will use the system to control sales of restricted products