The software giant announced the vulnerability, which is in the operating systems' Help and Support Centre, in its latest monthly security advisory. The flaw could be triggered from web pages or HTML e-mail, but is apparently a lower threat than the Sasser worm.
Microsoft labelled the vulnerability as important.