Security researchers have warned users that exploit code is already circulating on the internet to take advantage of some of the 21 security flaws in Windows and other products reported by Microsoft this week.
Microsoft issued 12 patches to address the 21 flaws, but at least six of them can be exploited using rogue code now circulating.
VeriSign, for instance, said it had discovered exploit code for five of the flaws, and warned that users must patch their systems as soon as possible to protect themselves.
However, many users need to test the effect patches may have on their systems before installing them widely, so there is a danger that there could be an attack in the wild before most firms are fully patched.
The 21 flaws affected the Windows OS, including problems with the Internet Explorer browser, and security holes in the Office productivity suite, Windows Media Player, and the Exchange e-mail server.
The patch for Exchange was not classed as “critical” by Microsoft, but “important”. However, security suppliers including Symantec have disagreed with this lesser rating, and say the threat is as dangerous as the other critical flaws Microsoft has patched against.