Microsoft said it will rush a security update out of its normal patching cycle to correct a critical flaw affecting multiple versions of Windows.
The bulletin is expected to be released today. Little is known about the flaw except that it leaves Windows vulnerable to remote code execution. Microsoft said the flaw affects Windows 2000, XP, and Windows Server 2003. Windows Vista and Windows Server 2008 are also affected but the problem is less severe, the software giant said in its advisory.
Christopher Budd, security program manager in the Microsoft Security Response Center, said the bulletin will be released at 1 p.m. ET. A restart will be required.
The company has scheduled a webcast today at 4 p.m. ET to discuss the out-of-band security bulletin.
Microsoft patched flaws in Active Directory and Internet Explorer as part of its normal bulletin cycle issued Oct. 14. Eleven security bulletins were released to fix 20 flaws.