Microsoft warned a newly discovered bug in its Internet Explorer web browser makes PCs vulnerable to attack by hackers.
The company is investigating reports of a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9. Internet Explorer 10 is not affected.
Microsoft said attackers can exploit the bug to infect the PC of somebody who visits a malicious website and then take control of the victim's computer.
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
Microsoft advised customers on its website late on Monday to install the security software as an interim measure.
The free security tool, which is known as the Enhanced Mitigation Experience Toolkit, or EMET, is available through an advisory on Microsoft's website
The EMET software must be downloaded, installed and then manually configured.
Symantec and other major anti-virus software makers have already updated their products to protect customers against the newly discovered bug in Internet Explorer.
Security experts advise user to dump IE until the problem is fixed.