Skype has fallen foul of a security flaw that can allow attackers to gain system-level privileges to vulnerable computers, Microsoft has confirmed. However, the company won’t immediately fix the issue because doing so would require a complete code overhaul. The bug was discovered by security researcher Stefan Kanthak, who says the Skype update can be nefariously tweaked to trick an application into drawing incorrect code instead of the right library. This would let a hacker download malicious code and put it into a user-accessible temporary folder, renaming it to an existing DLL that could be modified by anyone without system privileges. According to Kanthak, once system access is granted, an attacker “can do anything”. However, the hacker would require physical access to the computer to do this.