With a new weakness in Microsoft’s Windows operating system, computer security experts say that it could put hundreds of millions of PCs at risk of infection by spyware and viruses.

Microsoft, the world’s biggest software company, is being targeted by hackers from a newly found Windows exploit. The potential of a security threat is huge, as F-Secure, an antivirus company, announced.

The Microsoft Windows flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week. But
the potential for damaging attacks increased dramatically at the weekend after a group of computer hackers published the source code they used to exploit it.

Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image.

Microsoft said in a security bulletin on its website that it was aware that the vulnerability was being actively exploited. But by early yesterday, it had not yet released an official patch to correct the flaw. “We are working closely with our antivirus partners and aiding law enforcement in its investigation,” the company said. In the meantime, Microsoft said it was urging customers to be careful opening e-mail or following web links from untrusted sources.