Microsoft has released two patches for security bugs in its Windows 2000 operating system, as computer security experts called one of the bugs a potentially "serious" threat to users. The patches target two security bugs in Microsoft Index Server.
The most serious of the two bugs is called the "malformed hit-highlighting argument vulnerability" and could allow outside parties to view files on a Web server. This bug could allow hackers to look at files containing user passwords or credit card data.
Many users may be using Microsoft Index Server without knowing it, security experts said. This means they may not be aware that they need to download and install the new patch.
The second bug is considered less dangerous but it could allow a third party to access information about the server and the network it is on. Microsoft said that the bugs were discovered too late to fix in the version of Windows 2000 which will be launched in mid-February.