Microsoft urged Windows users on Monday to install a free piece of security software to protect PCs from a newly discovered bug in the Internet Explorer browser. The security flaw, which researchers say could allow hackers to take remote control of an infected PC, affects Internet Explorer browsers used by hundreds of millions of consumers and workers. Microsoft said it will advise customers on its website to install the security software as an interim measure, buying it time to fix the bug and release a new, more secure version of Internet Explorer. The free security tool, which is known as the Enhanced Mitigation Experience Toolkit, or EMET, is available from Microsoft. Eric Romang, a researcher in Luxembourg, discovered the flaw in Internet Explorer on Friday, when his PC was infected by a piece of malicious software known as Poison Ivy that hackers use to steal data or take remote control of PCs. When he analyzed the infection, he learned that Poison Ivy had gotten on to his system by exploiting a previously unknown bug, or “zero-day” vulnerability, in Internet Explorer.