The single flaw, which is rated 'critical', affects Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.
Although the newer software releases are only rated as facing a 'moderate' threat, it is likely that failing to apply the patch could allow a computer to be accessed or controlled remotely, according to the vendor.
Users will be able to download the January security update directly from Microsoft's web site on Tuesday 13 January.
Although this is a small release, Microsoft has recently taken to announcing out-of-cycle updates in between Patch Tuesdays. For example, in December the firm released an emergency patch for Internet Explorer.
Microsoft plans low-key Patch Tuesday
By David Neal on Jan 12, 2009 6:52AM