Security alerts aggregator Secunia Inc. rates the risk from the flaws as "highly critical" and urged users to apply the appropriate patches immediately.
The more serious of the two bugs is a boundary error that exists when Skype-specific URI types like "callto://" and "skype://" are handled by the application.
This can be exploited to cause a buffer overflow and allows arbitrary code execution, according to an alert posted on the Skype Security Center.
The effected versions of the software include Skype for Windows Releases 1.1.*.0 through 1.4.*.83.