Attackers are using a flaw in the way that Windows handles the .wmf (Windows Metafile) graphic file format. A specially crafted .wmf image placed on a website or sent through a spam email could allow the criminal to execute code on a user's system.
The arbitrary code execution lets the attacker install spyware or recruit a system for a zombie network, a collection of computers used for online crimes including sending spam or launching distributed denial of service attacks.
Microsoft urged users to update their antivirus software, and said that it is investigating the issue.
A patch is being developed which will be released either through Microsoft's monthly patch cycle on the second Tuesday of the month or as an out-of-cycle security update.
Security firm F-Secure said on its blog that it has seen at least three different computer worms that exploit the security hole. The company refers to the worms as W32/PFV-Exploit.A, .B and .C. The threats are being spread by spam email messages and through several websites.
Users of Microsoft's Internet Explorer are automatically infected when they visit a webpage hosting an infected image. Firefox will first ask the user before opening the file. If the user approves, the PC will be infected.
The workaround includes avoiding .wmf files from untrusted sources and resetting the file association, or opening the files with an application other than Windows Picture and Fax Viewer.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago