The vulnerability, which does not affect IE 9 and 10 can allow hackers to grade control of a machine using the older browsers and remotely execute code.
“We recommend that you install this update as soon as it is available,” Microsoft’s advance notice to users said. “This update for Internet Explorer 6-8 will be available through Windows Update and our other standard distribution channels.
Symantec links Elderwood hackers to IE zero-day
Stop using IE says Germany
The software company said machines with enabled automatic update features do not need to take any action.
If users also applied the fix released in Security Advisory 2794220, they also do not need to uninstall it before applying the new security update.