This vulnerability is being sent out as an email, with the subject line "Happy New Year's" with an image attachment that shouldn?t be clicked on. If the attachment is opened, it will download a Trojan horse that opens the "back door" of your system and allows sensitive files to be viewed.
"One of the variants would then allow the people who have done these to remotely access your machine and do whatever they wanted as you on your PC," said Lee Vrieze of Chippewa Valley Technical College.
Reports of this flaw were first reported in late December. Microsoft is currently working on a patch that will correct the problem, which will be available January 10th to download.