There is an advice for Skype users, please upgrade to the recent version of its VoIP software in order to fix a security bug reported by a security researcher in new zealand. The bug can affect several versions of the Skype client for Windows and could allow a hacker to download a file from an affected PC without permission. The company has rated the vulnerability at medium risk. It originates from a flaw in the way the Skype client handles a type of URI and Skype installs several URI handlers during a typical client installation.

In order to fall prey to the hacker, the Skype user must be tricked into visiting a webpage set up by the hacker and must be aware of the location of the file he would want to transfer and must have added the victim to the contact list. All releases of Skype for Windows up to and including version 2.0.x.104, as well as version 2.5.x.0 up to and including 2.5.x.78 are vulnerable to the bug. Skype has advised all its users to upgrade to Skype 2.5, release 2.5.x.79 or later, or Skype 2.0, release 2.0.x.105 or later.

Skype has issued the first security bulletin in about seven months in this regard. Click here to access the security bulletin.