Microsoft addressed the critical vulnerability earlier this month, but had to issue an emergency update to resolve issues it previously missed.

Researchers said malicious activity dates back to early July and active exploitation was observed two months ago.