According to the report, an attacker will create a tainted image file, copy and paste from the computer clipboard to the Skype user's chat window. When the file is located on the clipboard of both local and remote systems, Skype will be overflowed by buffer, causing errors and application crashes, open to hackers to exploit.
'' The limit of file size through the session with the remote clipboard has no safety limit. An attacker could crash the software with a request to override the EIP subscription of the active software process, 'said Vulnerability Lab. 'Therefore, it allows local and remote attackers to execute their code on connected and infected computers via Skype'.
The company also provides a PoC exploit code that you can use for testing. The Vulnerability Lab reported bugs to Microsoft on May 16, and Microsoft fixed the bug, released a patch on June 8 for Skype version 7.37.178. If you're using Skype, make sure you install the latest version to protect yourself.