The vulnerability surfaced after a video was posted on the Secalert website. The victim does not need to be on either the attacker’s Facebook friends list or Skype contact list for the exploit to work. Neither Skype nor Facebook has yet confirmed the findings. Skype has issued a statement saying that they actually fixed the flaw last week. The flaw has been independently verified. The vulnerability was fixed last week by an update deployed to Skype users, the company says, “all affected users should already be protected””]
Source: https://gizmodo.com/facebook-skype-security-exploit-can-compromise-your-sys-5826603