Microsoft has released an emergency fix for Windows 10, following the discovery of a serious flaw in Internet Explorer. The flaw is a remote code vulnerability—one of the most dangerous types of security flaws, as it opens the way for a hacker to remotely take control of an affected system.

At the root of the flaw is how Internet Explorer’s scripting engine handles objects in memory, leading to memory corruption that could allow a hacker to run arbitrary code in place of the user. This would allow the attacker to gain the same rights and authority as the current user, effectively letting them take control of the system.

The vulnerability is serious enough that even the Cybersecurity and Infrastructure Security Agency issued their own advisory, with the agency and Microsoft both urging users to update immediately.

Windows users should be able to update via Windows Update. Microsoft also released a security advisory that includes links to a manual update.