In its brief warning Monday, US-CERT offered few details on the attack, saying simply that the organization is "aware of active exploitation" of the problem by criminals who have sent specially crafted Microsoft Access Database (.mdb) files to victims.

These files are "designed for the sole purpose of executing commands," so they should not be accepted from untrusted sources, Microsoft said in a note on its Web site.

Run by the U.S. Department of Defense, US-CERT is charged with coordinating the nation's response to cyberattacks.

Companies typically block the use of .mdb files, but criminals could be using this attack in a targeted strike against an organization that is known to use this particular file type, said Ben Greenbaum, senior manager for Symantec Corp.'s security response. Symantec itself has seen no evidence of the .mdb exploitation that prompted the US-CERT alert.

The files are not something that the average user would come across on a daily basis, he added. ".Mdb files are blocked by default in most installations of Internet Explorer and Outlook Express," he said. "I am a bit surprised to see active exploitation happening over this vector."

While US-CERT did not say which flaw was being exploited, Greenbaum said the vulnerability could be a recently discovered buffer overflow bug in the Microsoft Jet DataBase engine used to parse Access files.