Zert is an independent group of engineers that aims to issue updates for unpatched vulnerabilities that pose a serious risk to the public or the internet infrastructure.
The group believes that, in such cases, users should not have to wait until the vendor concerned issues a patch.
Zert was formed last December after the widely abused WMF vulnerability hit computers across the world.
The group's first patch repairs a vulnerability in the Vector Markup Language component in Microsoft's browser that could allow an attacker to take control of a system without any user interaction.
"While Microsoft can appreciate the steps these security researchers are taking to provide our customers with mitigations, as a best practice customers should obtain security updates and guidance from the original software vendor," said a spokesman.
"Microsoft carefully reviews and tests security updates and workarounds to ensure that they are of high quality and have been evaluated thoroughly for application compatibility.
"Microsoft cannot provide similar assurance for independent third-party security updates or mitigations."
Facebook told by Brussels-based court to stop tracking non-users and to delete all data held on them
Supply chain and manufacturing experience could give Dyson an important edge
New VR Zone Portal arcades open in London and Tunbridge Wells
Systems-on-a-chip with integrated AI features could make voice and facial recognition