Microsoft has released a downloadable cumulative patch to address recently discovered flaws on its Internet Explorer web browser software.

The patch targets flaws that could allow code of the attacker's choice to run, the company said on its web site, describing the threat as "critical".

Exploitable vulnerabilities, particularly with regard to html - the programming language of browser pages - could allow hackers to alter web pages or post malicious new pages, the company warned.

The patch can be obtained here, and is applicable for users of Microsoft Internet Explorer 5.01, Microsoft Internet Explorer 5.5 and Microsoft Internet Explorer 6.0.

The security flaw addresses several scripting and information-disclosing vulnerabilities.

Programmers also found that it would be possible to introduce a behaviour change to the restricted sites zone. Specifically, it disables frames in the restricted sites zone, compromising security.

The patch is another embarrassment to Microsoft; just last month the company had to issue a patch to address problems in its Outlook email software.