Microsoft issues “out of band” security patch to fix Windows flaw

With barely a week to go before its next monthly ‘Patch Tuesday’ cycle, Microsoft on Monday issued an emergency “out of band” patch to fix a flaw in the way Windows handles shortcuts.

The vulnerability, detected in mid-July, affects all Windows versions and enables hackers to embed malicious commands in shortcuts. The commands are executed when a Windows user uses or views the shortcut link, and they allow the hackers to take over an affected system.

Christopher Budd, Microsoft’s senior security response manager, noted that the fix will be sent out to users who automatically update their systems and will also be available via the Windows Update site. He said the release of the emergency patch comes in the wake of confirmations that there has been a notable rise in attempts to exploit the Windows flaw over the past few days.

This is the first time Microsoft has released a “critical” security update so close to its regular Patch Tuesday. Shavlik Technologies’ Jason Miller said: “Coming out with this patch this close to a Patch Tuesday is severe. People should be paying attention to this one, and patch as soon as possible.”

In fact, at last week’s Black Hat and Def Con security conferences in Las Vegas, attendees termed the vulnerability a $1-million flaw, since it enables hackers to tweak a basic Windows component called LNK, a simple piece of code that enables shortcut program icons to appear on desktops running Windows software.