Microsoft Corp. on Tuesday released a security patch to fix a critical hole in its Internet Explorer Web browser that the world's biggest software maker said could allow an attacker to take control of a user's computer.

The patch was released two weeks ahead of a regularly scheduled monthly security update after Microsoft said it became aware of a public attack utilizing the vulnerability. The company added that the impact on customers was limited.

Microsoft typically issues security patches at the beginning of the month. The flaw rated at critical the highest level exists in the coding for Vector Markup Language, or VML. The company defines a flaw as critical when the vulnerability could allow a damaging Internet worm to replicate without the user doing anything to the machine. The company has been working for more than three years to improve the security and reliability of its software as more and more malicious attacks target weaknesses in Windows and other Microsoft software.