What is the vulnerability?
PureHacking, an Australian security research firm, has described a vulnerability and proof-of-concept exploit affecting Skype for Mac.
What is the potential risk?
The researchers at PureHacking and the developers at Skype seem to disagree on the scope of the threat. PureHacking claims to have developed a proof-of-concept exploit that allows the attacker to take complete control of the vulnerable Mac system, and states that the flaw is easily wormable and extremely dangerous.
Skype seems to believe the threat is much more limited: that a message from a malicious contact could cause the Skype for Mac software to crash. It stresses that default privacy settings in Skype restrict the impact because you can only receive messages from your authorized list of contacts.
There is a pretty big difference between "limited threat that crashes the Skype client" and "dangerous worm that pwns Mac PCs". PureHacking may lean toward "sky is falling" for the sensationalism, while Skype has a motive for erring on the side of "no big deal". Let's assume the truth is somewhere in the middle.
Is my version of Skype affected?
According to the Skype blog post, only Skype for Mac 5.x is affected. Earlier versions are not vulnerable to this exploit.