All versions of Windows hit by "critical" security vulnerabilities

It's the fourth patch ​so far this year that's hit all versions of Windows.

(Image: file photo)

Microsoft has fixed a critical security vulnerability affecting all supported versions of Windows.

The company said in a security advisory that all users of Windows 10 and earlier should patch as soon as possible to prevent attackers from exploiting a flaw in how the operating system handles graphics and fonts.

The patch fixes four separate vulnerabilities -- the worst of which could let an attacker install malware on an affected computer.

The flaw is not thought to have been actively exploited in the wild, the company said.

It's the fourth patch so far this year that's affected every supported versions of Windows. Microsoft currently patches Windows Vista and later -- including its latest operating system, Windows 10 -- but leaves millions of unsupported users of Windows XP at risk of infection.

Microsoft said it had issued eight bulletins in total, patching dozens of vulnerabilities in Windows and Office 2007 and later. Two of those patches include fixes for Internet Explorer and its newer browser, Microsoft Edge for Windows 10.

May's patches will be available through the usual update channels.