Microsoft has had to release an urgent update to stop hackers from taking controls of computers using an email.
The unusual bug could be used without the recipient opening the message.
The flaw came to light at the weekend by researchers working for Google’s Project Zero cyber-security outfit.
The fix has been sent out hours before Microsoft’s weekly Tuesday security update.
Windows 8, 8.1, 10 and Windows Server operating systems are all affected by the bug.
Cyber-security expert Graham Cluley said it was “tremendous” that Microsoft had managed to release a patch so quickly.
Windows users can check to see if they are running the latest Windows Defender version (1.1.13704.0) to make sure they are not at risk.