Microsoft has issued a "critical" patch for every supported version of Windows.
The software giant said in its monthly security bulletin as part of its so-called Patch Tuesday that Windows Vista and later, including Windows 10, require patching from a serious remote code execution flaw in Internet Explorer.
The patch, MS15-106, addresses a flaw in how Internet Explorer handles objects in memory, the company said in its advisory. If exploited, an attacker could gain access to an affected machine, gaining the same access rights as the logged-in user, such as installing programs, and deleting data.
An attacker would have to "take advantage of compromised websites, and websites that accept or host user-provided content or advertisements," said the advisory. "These websites could contain specially crafted content that could exploit the vulnerabilities."