Security researchers say a newly discovered zero-day vulnerability in Microsoft Windows is being used in live ransomware attacks. The flaw has reportedly been seen in multiple countries within the past hour, raising concerns that attackers are moving quickly to weaponize it before many systems can be patched.

Because the issue is already under active exploitation, security teams are urging organizations to treat it as urgent. Standard advice includes limiting exposure, applying vendor guidance as soon as it is available, and watching for suspicious activity tied to ransomware intrusion patterns. In cases like this, even a short delay can leave networks open to compromise.

Reuters reported that the attacks are not isolated to one region, suggesting a broader campaign rather than a one-off incident. That makes the risk especially serious for hospitals, schools, companies, and government offices that rely on Windows systems and may have large attack surfaces.

The episode is another reminder that widely used software remains a prime target for cybercriminals. For users and administrators, the immediate priority is to verify defenses, review backups, and follow Microsoft’s security updates closely as more technical details emerge.