Hackers are actively exploiting a critical vulnerability in Microsoft's Windows operating system that allows them to remotely execute malicious code when victims visit a booby-trapped website.
"These attacks are being distributed both via malicious web pages intended for Internet Explorer users and through Office documents," Andrew Lyons, a Google security engineer, wrote in a
blog post published Tuesday.
"Users running Windows XP up to and including Windows 7 are known to be vulnerable."