If it seems that in the last year or so you’ve been bombarded by one scary online security threat after another, you’re not wrong. And here comes another one. Microsoft disclosed on Tuesday, Nov. 11 that there is a ‘vulnerability’ in the code that handles encryption and authentication in Windows that could allow attackers to take control of computers running the operating system. And here’s the really fun part: virtually every modern version of Windows is affected. Windows Vista, Windows 7, Windows 8, Windows 8.1, and even the more obscure flavors like Windows RT and Windows Server ALL have this security hole.

That’s the bad news. The good news is that Microsoft didn’t just announce that it had found a problem, it also announced that it had a fix. The fix is a patch which should automatically download if you perform a system update (to find out how to do that go here).

Microsoft says that so far it is not aware of any bad guys exploiting this vulnerability, but now that they have disclosed its existence it is only a matter of time.

However, savvy web surfers who download the patch now can make sure they are safe before any bad guys get a hold of their Windows machines.