Microsoft has released two security warnings for problems affecting two products and one application.
A serious bug affecting Microsoft Virtual Machine could enable a malicious website to compromise a system and take actions such as changing data, loading and running programs, and reformatting the hard disk.
Web surfers would have to visit the website to be hit - but the vulnerability also poses a risk via HTML email.
Microsoft Virtual Machine allows Java programs to run on Windows and is shipped as standard in most versions of Windows and Internet Explorer.
The flaw affects 98, Me, NT 4, 2000 and XP installations, and has been tagged by Microsoft as critical. A patch and more info is available here.
The company confirmed that flaws in Microsoft Proxy Server 2.0 and Internet Security and Acceleration (ISA) Server 2000 could allow attackers to break installations of these products so that they would stop responding to internet requests.
An update has also been issued for users of Proxy Server 2.0 and ISA Server 2000, and the vulnerability has been classed as important because of its potential for creating Denial of Service attacks.
"An attacker on the internal network could send a specially crafted packet that would cause the server to stop responding to internal and external requests.
"Receipt of such a packet would cause CPU utilisation on the server to reach 100 per cent, and thus make the server unresponsive," the company warned.
A patch for this vulnerability is available here.
Found by calculating the strength of the material deep inside the crust of neutron stars
Can highlight in real-time the relevant regions of an image being described
Double legal trouble for Musk as he also faces civil lawsuit over renewed British pot-holer 'paedo' claims
Battery development could help boost performance of smartphones