The Skype security problem I wrote about here and here is much more serious than originally reported, according to the hacker who found and reported the vulnerability.
Aviv Raff showed me proof-of-concept code that fired a code execution exploit whenever I visited a booby-trapped Web page. The exploit worked even if Skype was not running–visiting the Web page automatically opened Skype, attempted to load a video, and then launched the executable code.
After Raff’s second discovery–which is a combination of a cross-site scripting bug in Metacafe and a cross-zone scripting vulnerability in Skype–the eBay-owned company completely removed the Add a Video feature until a patch is ready.