Six critical vulnerabilities have been found in IBM's Lotus Notes that could allow attackers to take over corporate systems.
Internet security researcher Secunia said the bugs were “highly critical”, saying that some of the flaws could create buffer overflows, allowing remote attackers to compromise corporate systems.
Some of the other vulnerabilities can be exploited if users simply view malicious e-mails, while others require users to open attachments or extract compressed files attached to a message.
Several versions of Lotus Notes are at risk, including 7.0 and 6.5.4, admitted IBM. Updating Notes to 6.5.5 or 7.0.1 will solve the problem, the company said.
“Users are strongly urged to use caution when opening or viewing unsolicited file attachments,” said IBM.
The Lotus Notes platform was also affected by a number security bugs last month. These allowed remote attackers to launch denial-of-service attacks to crash corporate systems.
Lotus Notes competes against Microsoft’s Outlook e-mail client.