Microsoft strongly encourages Windows users and users of it sits Internet Explorer browser to install an urgent security update.
The software giant said in a notice that a security issue was affecting some versions of Internet Explorer. The vulnerability would allow hackers to execute code on affected devices. Computers could be stealthy when visiting a malicious web page or via email phishing.
A hacker who exploited this vulnerability successfully could take control of the affected system. He could then install software; view, change or delete data or create new accounts with the same access as the real person, can read in the notice.
Microsoft said the security breach was being actively exploited, but did not make public the details of the problem.
More than 7% of Internet users currently use Internet Explorer versions 9, 10, and 11, all affected by the vulnerability. All editions of Windows, including Windows 7, Windows 8.1 and Windows 10, as well as several versions of Windows Server, are also achieved.
Most people using these programs can install updates via Windows Update.
Microsoft has also patched its built-in antivirus software, Windows Defender, to prevent malicious external exploitation from causing a denial of service of the application.
The company assures that no action is required to remedy the Windows Defender bug.
It is rare for Microsoft to release urgent updates outside of its typical monthly cycle. The company normally announces these updates in the second week of each month, at the so-called Patch Tuesday , but immediately makes some punctual updates when more serious vulnerabilities are discovered.
The US Department of Homeland Security also issued a notice (New Window) urging affected users to install the necessary updates.