Skype has released a security bulletin to address a vulnerability. This vulnerability is due to an error in the handling of "file:" URIs. By convincing a user to click on a specially crafted "file:" URI, a remote, unauthenticated attacker may be able to execute arbitrary code.

US-CERT encourages users to review Skype security bulletin SKYPE-SB/2008-003 and upgrade to Skype version 3.8.0.139.

Read more: US-CERT Current Activity