Millions of Internet Explorer 6 users are at risk from three "extremely critical" security holes that give hackers open access to PCs running the browser - even if Windows XP Service Pack Two has been installed.
The first issue centres on the browser's drag and drop capability, which does not validate new files correctly. This means that, potentially, a document downloaded from a web page using drag and drop may contain malicious code.
The other problems affect all Windows systems, including those protected by Local Computer zone lockdown that comes with SP2. The first allows specially designed (.hhk) files to be used to include malicious code on systems and the second stems from a zone restriction error that could allow code to be downloaded form web sites involuntarily.
At least one of the flaws was reported to Microsoft last year but no patches have so far been made available.
Security firm Secunia has released an advisory warning that the holes are "extremely critical" and recommends users dump IE and use an alternative browser.
Although hundreds of millions of dollars have been spent on securing SP2, perfection is impossible. Through the joint effort of Michael Evanchik and Paul from Greyhats Security a very critical vulnerability has been developed that can compromise a user's system without the need for user interaction besides visiting the malicious page," Secunia warned in a statement.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago