Microsoft has upgraded one of its patches to 'critical' after discovering new ways in which it could be used by hackers.

The flaw affects the two latest versions of the company's Outlook email client.

Microsoft is warning customers to download and install the patch immediately. The patch was previously rated as 'important'.

The company said in a statement: "Based on information regarding a new attack scenario discovered after the bulletin's release Microsoft is increasing the severity rating on MS04-009 from 'important' to 'critical'.

"This rating change is to assist customers in making informed risk assessment."

Anyone using Office XP or Outlook 2002 Service Pack 2 is at risk, but those who have already installed the patch are protected.

The vulnerability allows hackers to remotely execute code on PCs through malware contained in a website.

By sending an HTML email to the target an Outlook mail is automatically opened. This allows code on the website to be automatically downloaded and allows the hacker access privileges to the target computer.

The new attack vectors were pointed out to Microsoft by security consultants iDefense and Finnish security expert Jouko Pynnönen.

Microsoft Security Response Center