Microsoft issued a security bulletin today announcing a newly discovered vulnerability. The issue allows attackers to run arbitrary computer code on a victim’s computer.
The new vulnerability is accessible to an attacker when a user opens or previews a specially-crafted document, for example, using Windows Preview. A security patch is expected quickly, but for now, the best defense is to avoid opening documents or attachments on your computer that you do not trust.
If you receive an attachment via e-mail, even if it appears to be from someone you know or trust, be cautious. If you were not expecting them to send you a file, call and confirm before you open it. If the file comes from someone you do not know, do not open it. Simply delete the e-mail, without opening its attachments.