The new vulnerability affects every version of Windows currently supported. This is a zero-day vulnerability. The vulnerability resides in MIME HTML also called MHTML which allows Web content to render in a web browser or other apps including email. This attack allows an attacker to send a HTML email to the user which triggers a script to collect user information. For now, use FireFox, Google Chrome or another, currently unaffected browser.