An attacker could exploit the flaw by injecting specially-crafted code into a video chat invitation.
On accepting the invitation, the user would experience a buffer overflow, which could in turn cause an application crash and allow the attacker to execute malicious code.
Discovery of the vulnerability is credited to a researcher known as 'Wushi'.
Security firm Secunia rated the vulnerability as 'highly critical', the second highest of its five alert levels.
A Microsoft spokesperson said that the company is investigating the flaw. Microsoft and Secunia recommend that users upgrade to Windows Live Messenger 8.1.
Secunia also recommended that users who have not upgraded should avoid unsolicited video chat invites.
A similar flaw was reported two weeks ago in Yahoo Messenger which could allow an attacker to execute malicious code through a specially crafted chat invite.
_(22).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0){kind=logo}
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
