That’s not good, but at least anyone using Internet Explorer on a modern version of Windows will likely see a patch within a couple weeks’ time. Since Microsoft finally ended support for Windows XP on April 8th, it will not receive an update. This is the first known security flaw since that support deadline passed, and it bears true the warnings voiced by the tech community. Windows XP is no longer secure, and it’s time to move on.

Security firm FireEye, which revealed the flaw to Microsoft, says that there’s evidence of an active exploit targeting Internet Explorer 9 through 11 and Adobe Flash. All Internet Explorer users, regardless of operating system, have a few choices for avoiding this exploit. The easiest method is to use another browser, like Chrome or Firefox (both of which are currently still supported for Windows XP). If you need to stick with Internet Explorer, Microsoft has published some more advanced methods alongside its service advisory, including enabling Enhanced Protected Mode. Regardless of what you do, it’s a good a idea to take some action to make sure you’re safe from the exploit.