Microsoft is investigating reported security flaws in the default installation processes for its Internet Explorer browser and the Outlook and Outlook Express e-mail clients.
The flaws have been reported by internet security company eEye Digital Security, which has refused to offer further details on the flaws until Microsoft completes its investigation, and possibly issues a patch to the problems.
It is believed the bugs allow an attacker to take control of users’ machine by taking advantage of a buffer overflow opening in the applications.
The flaws affect users of both Windows XP and the older Windows 2000 operating system, which is still widely used by business users despite the end of full support from Microsoft.
Microsoft said it is unaware of any attacks on customers’ systems using the flaws.