Security firm Secunia is warning computer users about an 'extremely critical' new security flaw in Microsoft Word . The flaw is a so-called 'zero day' hole, which means that malicious code is already available, the Danish firm said.
It affects Microsoft Word 2000 and part of Office 2000, but Secunia said other Word versions may be at risk too.
If a computer user opens an affected Word document, trojan.mdropper.w will be automatically installed on their computer. A hacker could then take command of the computer remotely, sending out spam emails without the owner's knowledge.
Secunia has graded the flaw with its highest security rating - extremely critical - meaning there are already reports of the security flaw being exploited by hackers.
Microsoft defended itself saying the number of computer attacks is very low. As per usual with security flaws, the advice is to be careful and not open untrusted Word documents.
There isn't a patch available yet. Windows users will probably have to wait until Microsoft's planned monthly update on Tuesday 13 February for a solution.