Microsoft has confirmed that a newly discovered Internet Explorer bug could allow an attacker to take control of an affected system. 

The vulnerability is caused by an error in the way that the browser processes the 'createTextRange' method call on a radio button.

Security firm Secunia issued its second highest security rating of 'highly critical' for the bug in an advisory. 

Microsoft said that users can protect themselves by turning off Active Scripting, and stressed that users should limit their browsing to trusted websites.

The bug report comes just 24 hours after Dutch programmer Jefferey van der Stad disclosed on his blog that Microsoft had confirmed that he had found vulnerability in Internet Explorer 6. 

The security hole allows the browser to execute HTA files without users' permission.

Microsoft told the programmer that a patch will be issued as part of the firm's next patch release on 11 April.

On Monday, details surfaced of yet another Internet Explorer security hole. This one could be used to crash the browser by using more than 94 event handlers in an HTML tag. The Secunia advisory rates the bug as 'not critical'.