Wired Microsoft is aware of a vulnerability in its Windows operating system that allows an attacker to inject an arbitrary file or script into infected computers.
The flaw is described in a blog post by the company on Tuesday.
The vulnerability is currently being used in a small number of cases by hackers.
Microsoft’s advisory does not specify what type of malicious code is being injected.
However, the vulnerability is similar to a similar vulnerability described last month by the same company.
The Microsoft vulnerability is related to the Windows operating systems Hyper-V and Windows Server 2003.
In short, if a malicious user attempts to open a file on an infected machine, they can execute the file and potentially inject arbitrary code, the blog post says.
The exploit is limited to running on a Hyper-v host.
Microsoft says the issue is currently limited to a limited number of Hyper-visors, so it does not pose a risk to users running any other operating system.
Microsoft said that while it has seen a limited amount of infections of the vulnerability in recent weeks, it does see many more affected machines than it has detected.
“We have seen a very small number [of] Windows machines that are vulnerable, but it’s not a very large number,” said Microsoft product marketing manager Dan Smith in an interview.
And we’re saying, ‘no, no, no. “
What we’re seeing is people looking at these Windows machines and thinking, ‘I have this problem, can I run this code?’
And we’re saying, ‘no, no, no.
You’re going to have to reinstall your system.'”
The company also says that this is a single issue, so other exploits are likely to be exploited.
Microsoft has not publicly disclosed the vulnerability.
Microsoft released a patch for the vulnerability on March 27, but did not publicly announce its existence until April 15.
Microsoft initially patched the vulnerability before releasing the patch for all of its products on April 15, a time when the bug was still relatively new.
Microsoft also released an update on March 29, and has since released two additional patches for the Windows vulnerability.
Smith said that this could be a new bug or a combination of other bugs.
“When you have a new vulnerability that’s been discovered, you have to be careful,” Smith said.
“And when you’re releasing a patch, it’s usually a good idea to make sure that it’s actually going to fix the problem.”
Microsoft said it will continue to update the operating system to address the problem.
“As always, we’re committed to providing the most secure software possible for our customers, and we continue to invest in patches that protect users and the world around us,” Smith wrote in the blog.
“The vulnerability described in this blog post is currently a single exploit, but this issue has been in use for years in other environments.
We hope to continue to work with our partners to provide a full update soon.”
The vulnerability affects Windows XP, Windows Server 2000, Windows XP SP2, Windows Vista, Windows 7, Windows 8, Windows 10, and Windows RT.
Microsoft did not say how many machines were affected by the vulnerability or whether the exploit is still in use.