Microsoft is advising customers to take additional security precautions following the discovery of new attacks targeting Internet Explorer.

The company said in a Security Advisory that the attacks exploit a vulnerability in an ActiveX control for the Microsoft Office Web Components software.

Embedding a specially-crafted spreadsheet file within a web page could allow an attacker to cause an application crash and gain the access rights of the current user, potentially allowing for remote code execution on the target system.

The ActiveX vulnerability is the second such flaw to be attacked in recent days. Microsoft issued a warning last week about attack taking aim at a flaw in the Microsoft Video control.

Microsoft has provided an automatic workaround which disables the vulnerable component, but did not give information on when a permanent fix will be released.

News of the latest flaw comes on the eve of the company's planned monthly patch release. Microsoft said in its advance notice that it will be issuing fixes for six security flaws.

However, the new alert has surfaced so close to the planned Patch Tuesday release that security experts believe Microsoft is unlikely to issue a fix along with the monthly update, and are advising users to run the automatic workaround procedure.