Microsoft recently fixed a bug that is almost 19yrs old. No kidding. It seems all versions of Microsoft starting from Windows 95 to the latest Windows 8.1 was carrying this bug.
The bug was discovered by IBM researchers in May 2014. According to researchers, the bug enable a hacker to carry on a drive-by attack on a computer. A drive-by attack is when a malware is downloaded to a computer and run codes remotely, so that the hacker can take control of computer. It is called drive-by because the malware do not need a user permission to get downloaded. It can simply get downloaded without the user even knowing that he just downloaded a file. A simple visit to a malicious site is enough to get these files downloaded to your computer.
As of now, it seems no hackers have taken advantage of this bug. There are no reported incidents where the hackers used this bug to get access inside computers. But as the news is out now, the hackers might try to exploit the loophole if your operating system is not patched to fix the bug.
Microsoft released patch for this bug on Nov 11, 2014. The bug is considered serious. Microsoft released patch for all operating system versions except XP. Microsoft seems to be adamant in sticking on to their policy not to support XP. So if you are an XP user, you ran the chance of hackers trying to exploit the bug. One more reason why using XP is not safe anymore.
For other operating systems except XP, just keep your updated. The automatic update will install the patches automatically on your machine.