The flaw, which is being leveraged in "limited, targeted attacks," allows remote code execution, Microsoft warns.
Monthly security update addresses two dozen vulnerabilities, including one being exploited as part of the "Sandworm" cyberattack.
A security initiative from Google hopes to identify and put a stop to previously unknown, unpatched bugs that threaten the Web at large.
The company says two vulnerabilities are being actively exploited and recommends that Windows and Mac OS X users of the browser plug-in update their systems immediately.
Computers infected with malware after visiting a "strategically important Web site," security firm FireEye warns.
Google wants technology firms to cut down on the amount of time it takes to fix zero day vulnerabilities, but some are crying foul.
Something similar to the zero-day exploit recently discovered in Adobe's Reader and Acrobat tools has been found for its Flash Player as well.
Adobe is scheduled to release updates to Acrobat and Reader that address a zero-day flaw in the software that could allow an attacker to take control of a compromised system.
Critical vulnerability could allow an attacker to take control of a computer, company says, and no patch is available yet.
Out-of-band fix on Tuesday will address nine vulnerabilities, including a critical zero-day hole disclosed three weeks ago that affects Internet Explorer 6 and 7.