Microsoft is advising customers to take additional security precautions following the discovery of new attacks targeting Internet Explorer.
The company said in a Security Advisory that the attacks exploit a vulnerability in an ActiveX control for the Microsoft Office Web Components software.
Embedding a specially-crafted spreadsheet file within a web page could allow an attacker to cause an application crash and gain the access rights of the current user, potentially allowing for remote code execution on the target system.
The ActiveX vulnerability is the second such flaw to be attacked in recent days. Microsoft issued a warning last week about attack taking aim at a flaw in the Microsoft Video control.
Microsoft has provided an automatic workaround which disables the vulnerable component, but did not give information on when a permanent fix will be released.
News of the latest flaw comes on the eve of the company's planned monthly patch release. Microsoft said in its advance notice that it will be issuing fixes for six security flaws.
However, the new alert has surfaced so close to the planned Patch Tuesday release that security experts believe Microsoft is unlikely to issue a fix along with the monthly update, and are advising users to run the automatic workaround procedure.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago