PITTSBURGH — Microsoft says a security gap in Internet Explorer could allow an attacker to take complete control of a computer if the user clicks on a malicious link.
The vulnerability affects versions 6 through 11 of the Web browser.
Microsoft Corp. said Saturday that it was aware of "limited, targeted attacks" that tried to exploit the security gap. The company is working on a fix which it plans to provide in a software update on May 13.
Zheng Bu helped uncover the flaw.
"The hacker now has complete control over your computer," said Bu.
In the meantime, Microsoft encourages customers to enable a firewall, apply all software updates and install anti-malware software.
A division of the Homeland Security Department recommends that users download a security toolkit from Microsoft or use another browser until an update becomes available.
MORE INFORMATION: Microsoft Security Advisory
The Associated Press contributed to this story.
WPXI