Microsoft has cautioned users that the vulnerability in its Windows operating system could allow hackers to gain access to the affected computers through remote code execution.
Currently investigating reports of vulnerability in the Microsoft Graphics module, the US software major revealed that Microsoft Windows, Microsoft Office and Microsoft Lync could be attacked.
According to the firm, hackers would be able to exploit the vulnerability by seeking consumers to preview or open a specially crafted email or web data.
Microsoft said that the issue is a remote code execution vulnerability that exists in the way affected components handle specially crafted TIFF images.
"An attacker could exploit this vulnerability by convincing a user to preview or open a specially crafted email message, open a specially crafted file, or browse specially crafted web content, Microsoft said.
"An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.
"Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
"We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers."
However, the latest versions of Windows and Office have not been hit with the attack – which mainly targets a graphics component.
"We are aware of targeted attacks, largely in the Middle East and South Asia," the company said.