Microsoft is investigating the second security flaw discovered in its Internet Explorer browser this week.
The latest reported browser flaw could allow a remote attacker take over a user’s Windows-based computer.
The flaw has been reported to the company by Dutch programmer Jeffrey van der Stad, who published limited details of the flaw on his website.
The problem relates to the way Internet Explorer processes HTA files, which are used with web applications.
The reported vulnerability affects Internet Explorer 6 running on the Windows 98, Windows XP and Windows 2003 Server operating systems, according to van der Stad.
He says the bug could allow a remote attacker to run an HTA file without the affected user's permission.
Microsoft said it was investigating the issue and would consider issuing a security patch to address the potential problem at a later date. The company is not aware of any exploits of the bug in the wild.
Earlier this week, Microsoft said it was tackling a problem in IE6 that reportedly allowed remote attackers to run arbitrary code on affected users’ systems, once they had visited a malicious website.
Microsoft's next scheduled security patch release date is Tuesday 11 April.