Microsoft is warning people that use Internet Explorer (IE) about attacks that are exploiting a previously unknown security flaw.
The flaw affects IE6 through IE11, and on all Microsoft operating systems.
The vulnerability allows malicious software to be installed simply by visiting a hacked or malicious website.
Microsoft has not issued a patch for this flaw at the time of this post.
The company is asking IE users to download and install its Enhanced Mitigation Experience Toolkit (EMET), a free tool that can help strengthen security on Windows. EMET must be version 4.1 or higher to prevent an attack using this flaw.
This is the first major vulnerability since Microsoft stopped support of Windows XP on April 8. This means that the fix may not be made for users still on the unsupported operating system.