According to security firm Secunia, “the vulnerability is caused due to an error in the handling of video conversations and can be exploited to cause a heap-based buffer overflow via specially crafted data sent to a user”.

An attacker who exploits the flaw may be able to execute arbitrary code on the victim’s machine and thus compromise the system. However, it’s mostly up to the user to fend off such attempts by declining incoming webcam invitations from unknown sources.

The heap-based buffer overflow vulnerability has been rated highly critical. So far it has been reported only in version 7.x, but chances are that other versions may also be affected.

At present there are no patches available for the vulnerability. Aside from being careful about which webcam invitations they accept, users are also encouraged to upgrade to Windows Live Messenger 8.1 or later; those versions are not affected.