The vulnerability affects versions 6 through 11 of the Web browser.
Microsoft Corp. said Saturday that it was aware of "limited, targeted attacks" that tried to exploit the security gap. The company is working on a safety fix which it will provide in an upcoming software update.
In the meantime, Microsoft encourages customers to enable a firewall, apply all software updates and install anti-malware software.
A division of the Homeland Security Department recommends users download a security toolkit from Microsoft or use another browser until an update becomes available.