Skype has patched a critical vulnerability in the Mac OS X edition of its flagship VoIP client that could be used by attackers to grab control of a user's computer.
The flaw, which Skype rated as "high" and Danish vulnerability tracker Secunia pegged as "highly critical," is in how the Internet telephony application processes Web addresses. According to the Skype security advisory, an attacker could create a malformed URL, then send that to a Skype user who, after clicking on the link, would either see Skype crash or have his Mac hijacked.
All Mac Skype clients versions 1.5.*.79 and earlier are vulnerable. Windows and Linux editions are unaffected.
Skype 1.5.*.80, which patches the vulnerability, was released Tuesday. It can be
downloaded from the Skype Web site.