A remote code execution vulnerability exists in Skype for Business when the software fails to sanitize specially crafted content, aka "Skype for Business Remote Code Execution Vulnerability".
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8550