Microsoft has issued a new patch for Windows XP and Server 2003, rated 'important'.
The patch, for the Windows Help and Support Centre, fixes a flaw that could allow malicious code to cross onto PCs via a specially designed web page. Such code could also get in via an email to an unpatched version of Outlook.
Once they had gained access, a hacker would have control of the host PC, allowing it to be used for spamming or denial of service attacks.
Microsoft has warned customers to "install the update at the earliest opportunity".
The patch - the company's fifteenth this year - also removes a feature that allows users to install a DVD decoder automatically, as this could be used maliciously.
The company thanked Donnie Werner of security firm exploitlabs.com for pointing out the DVD flaw.
The patch can be downloaded from Microsoft here.
IBM and Technical University of Munich team demonstrate how Shor's algorithm, which can't be cracked by conventional computers, can be solved quickly with quantum computing
Hubble Space Telescope finds superflares from young red dwarfs could strip away planetary atmosphere
Younger stars are 100 to 1,000 times more energetic than when they're older
Two of the big four supermarkets will use the system to control sales of restricted products
PUBG news and updates: November's Update #23 to bring new Skorpion pistol and changes to blue zone visibility
Genuinely useful side-arm coming to PUBG in Update #23