Microsoft has released a single fix in the first of its 2010 monthly Patch Tuesday security updates.
The January update addresses a flaw in a component of Windows and Windows Server which, if exploited, could allow an attacker to remotely execute code on the targeted system.
The company explained that the flaw lies within the Windows components that handle Embedded OpenType Font packages. Researchers found that, by bundling attack code into a font package, an exploit could be performed to give the attacker control over the system.
While the vulnerable code is believed to be present in all supported versions of Windows, the targeted component is accessible only in Windows 2000.
As such, the flaw is being categorised as a 'critical' risk for Windows 2000 SP4 users, but is regarded only as a 'low-level' risk for XP, Vista, Windows 7, Server 2003 and Server 2008.
Microsoft also posted a warning to XP users regarding the Adobe Flash Player 6 component, advising users to upgrade the copy of Flash Player originally bundled with Windows XP in order to patch recently discovered vulnerabilities.
Why does Facebook store "my entire call history with my partner's mum", asks developer who requested his Facebook data
Facebook database included text-message metadata - despite not using Facebook Messenger for SMS
Before Ocado could start selling the technology it had developed to other retailers, it had to tear down and rebuild its own monolithic architecture
Successful attack could result in harm to patients and financial loss, warns NHS governing body
Guccifer 2.0 claimed to be a lone Romanian hacker - until a schoolboy error gave him, her or them away