Earlier today, Microsoft issued a special update (MS15-093) to address a critical vulnerability in all versions of Internet Explorer. The new Edge browser is not affected.

Normally, security updates for IE are provided on monthly Patch Tuesdays. Since Microsoft is making this update available outside the regular update cycle, we can assume that exploits for the vulnerability have been observed in the wild.

The vulnerability is a bad one. Merely visiting a specially-crafted web page with Internet Explorer can cause malicious code to execute, leading to the possibility of an attacker installing just about any kind of software or accessing any information on the affected Windows computer.

If you use Internet Explorer, please use Windows Update to install this patch as soon as possible.