Microsoft has announced that today at approximately 6pm GMT, it will release an emergency out-of band patch to fix the Internet Explorer zero day security vulnerability.

The company said that the MS10-002 security update will address “the limited attacks against customers of Internet Explorer 6”, as well as fix vulnerabilities rated critical that are not currently under active attack.

The flaw, which hit the headlines because it has been used to attack targets such as Google, when it was used to hack into Google mail accounts. Although it was used against companies using IE6, the flaw was known to affect IE 7 and 8. It led the French and German governments to issue a warning to computer users to use another browser.

Microsoft said in a statement: “We recommend that customers install the update as soon as it is available. For customers using automatic updates, this update will automatically be applied once it is released.”

Security firm Symantec agreed and said it had warned people that although so far it had only been companies that had been attacked, hackers were likely to soon turn their attention to consumer PCs.

Joshua Talbot, security intelligence manager for security firm Symantec said: “This security hole is so dangerous because it allows for remote exploitation. Despite the fact that we’ve seen just limited attacks using this vulnerability, with exploit code public, there is no reason to think we won’t see more attack attempts.”