Patch Tuesday brings fixes and warnings

Microsoft has urged IE6 and IE7 users to avoid suspicious links

Microsoft has delivered its monthly security update, and issued a security advisory warning of attacks targeting older versions of Internet Explorer (IE).

The company said that a remote-code execution flaw in IE6 and IE7 is being exploited for malware attacks. IE8 is not believed to be susceptible.

Microsoft is advising users who cannot upgrade to IE8 to avoid suspicious or untrusted links. Using the IE 'protected mode' setting in Windows Vista and Windows 7 will also help to limit the scope of a potential attack, the company said.

The March edition of the security update contains two bulletins addressing eight vulnerabilities in Office.

The bulletins are rated 'important', Microsoft's third of four alert levels. If exploited, the flaws could allow an attacker to remotely execute code on a targeted system.

The first bulletin corrects a flaw in the Movie Maker component for Microsoft Producer 2003, while the second patches vulnerabilities in Excel for Office XP, 2003 and 2007 as well as the 2004 and 2008 versions of Office for Mac OS X.