Hackers found sophisticated exploit within Windows font files.
Microsoft was forced to patch two zero-day bugs in Windows after hackers were caught exploiting them by the security company FireEye Labs.
In one instance a tampered font file was delivered to a multinational group through an Office document, while the other bug hackers to escalate privileges in several versions of Microsoft’s OS.
FireEye said: "We have no evidence of these exploits being used by the same actors. Instead, we have only observed each exploit being used separately, in unrelated attacks."
The firm added that the nature of the font attack led them to believe the hacker had a "high level of sophistication", with the bug having an expiry date, customisation for different OS versions, and a string decoding process to prevent security analysis.
FireEye claims to have identified 16 zero-day exploits within the last two years, five of which have taken place this year. A zero-day attack hinges on software bugs that can lie unpatched for years, unknown to the developers or users.
"We appreciate FireEye Labs using Coordinated Vulnerability Disclosure to assist us in working toward a fix in a collaborative manner that helps keep customers safe," Microsoft said in a statement.