Potentially a pretty bad bug. Luckily updating is very easy.

"So I decided to test another Mac and sent the payload to my girlfriend. She wasn't too happy with me as it also left her Skype unusable for several days."

Maddern put together a proof of concept using Metasploit and Meterpreter as a payload, and found he was able to gain a shell remotely.

"The long and the short of it is that an attacker needs only to send a victim a message and they can gain remote control of the victim's Mac. It is extremely wormable and dangerous," he says.

Maddern says it took over a month for Skype to respond and issue a patch. It's now done so, with, which requires a manual update and will be pushed out next week.


