The flaw, which is being leveraged in "limited, targeted attacks," allows remote code execution, Microsoft warns.
Company warns customers that exploit code for the Server Message Block hole is available and suggests a workaround until a patch is ready.
Researchers report code exploiting an unpatched flaw within Microsoft's Web browser one day after Patch Tuesday. It creates an XML tag, then waits 6 seconds to thwart antivirus engines.
At least four exploits for vulnerability in the Windows domain name system service were published over the weekend.
Code could put millions of IM users at risk to new attacks.
The unpatched security hole could be used by a remote attacker to compromise a vulnerable Mac, advisories say.
Original researcher makes public his own exploit code.
Patch for serious vulnerability in media player software comes 23 days after details of the flaw and attack code were publicly released.
Sample code that exploits a yet-to-be-fixed Windows flaw is circulating. Microsoft plans to deal with it on the next Patch Tuesday.
"Extremely critical flaw" in Microsoft Word 2000, which has no released patch, could lead to remote execution of code.