The flaw has been exploited for targeted attacks.
Microsoft revealed the zero-day vulnerability in its Internet Explorer browser—and its patch—in a post on Wednesday.
The tech giant said that hackers were using the flaw for targeted attacks. A memory corruption vulnerability allowed anyone to set up a fake website that exploits the flaw and then lure people to that site with just a link. Once the user clicks that link, the hacker could then hijack the user's computer.
The flaw was first discovered by Google, who then alerted Microsoft to it, Ars Technica reports.
Microsoft has recommended all users update their browser. The update would fix the flaw by "modifying how the scripting engine handles objects in memory." Another option for users is to enable Windows Update, which will download the fix automatically.
Internet Explorer was once the world's most popular browser, but now a much smaller percentage of people still use it.
It's important to note that in general, you should keep your devices as up to date as possible to keep them secure. So if you are using an old version of Windows or an old web browser like Internet Explorer, it's time to update. Also, remember, don't click on suspicious links in your email inbox.