Microsoft has warned of a flaw in ActiveX that allows an attacker to run malicious code on a victim's computer.
The vulnerability involves a feature called Outlook View Control that allows a user to view mail or calendar information through the web. The flaw affects Outlook 98, 2000 and 2002.
Microsoft has issued a security bulletin recommending that customers ensure they have installed the Outlook email security update, and should temporarily disable ActiveX controls in the Internet Explorer Internet Zone.
Microsoft security program manager Scott Culp said: "Users will need to reconfigure their systems twice to correct the problem, once before the patch and then once again after the patch is issued."
Culp said Microsoft received the report on Monday and confirmed it existed on Wednesday.
"It isn't possible to throw a patch together overnight. The designs have to be right and there are multiple versions for each platform, which takes time," he said.
Although Culp said Microsoft had not received any reports from customers, "malicious users always exploit vulnerabilities and from past experience, that makes it more likely the bad guys will exploit this".
Microsoft is driving ahead with the patch but no date has yet been set. "We will then re-release the security bulletin with the patch," Culp said.
Giga Information analyst Rob Enderle advised that users should contact their vendors to make sure they will fix the problem.
"With the ActiveX controls in jeopardy, it could be a potentially serious problem," Enderle said.
Latest Tesla news: Tesla share price continues to fall after Saudi Arabia's sovereign wealth fund is linked to investment in rival
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
RTX 280 Ti will come with 11GB of fast GDDR6 video RAM with a 352-bit memory bus offering 616Gbps
The scale of jobs lost to automation will be at least as large as those in the first three industrial revolutions
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC