A vulnerability has been reported in Skype, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the handling of "file:" URIs, which can be exploited to bypass the security warning for blacklisted file extensions e.g. via a "file:" URI containing upper case characters in the file extension.
Successful exploitation allows execution of arbitrary code, but requires that a user is tricked into clicking on a specially crafted "file:" URI.
The vulnerability is reported in version 3.8.*.115 and prior.