A spokesVole said attackers can exploit the bug to infect the PC of somebody who visits a malicious website and then take control of the victim's computer.
The software maker advised customers on its website late on Monday to install the security software as an interim measure, buying it time to fix the bug.
Security researchers think that Vole will have an update for its browser in about a week.
The tool that Microsoft is suggesting is known as the Enhanced Mitigation Experience Toolkit, or EMET, is available through an advisory on Microsoft's website: blogs.technet.com/b/msrc/
The software needs to be downloaded, installed and then manually configured to protect computers from the newly discovered threat.
This makes it pretty useless to the great unwashed who still have not worked out how to program their video recorders.
The company also advised customers to adjust several Windows security settings to thwart potential attackers, but warned that this might make the PC harder to use.
Eric Romang, a researcher in Luxembourg, discovered the flaw in Internet Explorer on Friday, when his PC was infected by a piece of malicious software known as Poison Ivy that hackers use to steal data or take remote control of PCs.