According to a report at Torrentfreak, both clients are vulnerable to a remote denial-of-service attack due to the way they handle user-supplied data. Versions found to be vulnerable so far are the official BitTorrent 6.0 client, uTorrent 1.7.x, uTorrent 1.6.x and uTorrent 1.8-alpha-7834.
The flaw allows an attacker to crash the application; however, code execution is not possible, meaning that it’s more of an annoyance than something that should cause BitTorrent users to panic.
Both clients are produced by the company BitTorrent, which has taken $34 million in funding over two rounds from Accel Partners and Doll Capital Management.
Update: Commenters suggest there’s already a fix. That was quick; make sure that the BitTorrent client you’re using to download legitimate legal content is up to date.