Microsoft has released two security warnings for problems affecting two products and one application.
A serious bug affecting Microsoft Virtual Machine could enable a malicious website to compromise a system and take actions such as changing data, loading and running programs, and reformatting the hard disk.
Web surfers would have to visit the website to be hit - but the vulnerability also poses a risk via HTML email.
Microsoft Virtual Machine allows Java programs to run on Windows and is shipped as standard in most versions of Windows and Internet Explorer.
The flaw affects 98, Me, NT 4, 2000 and XP installations, and has been tagged by Microsoft as critical. A patch and more info is available here.
The company confirmed that flaws in Microsoft Proxy Server 2.0 and Internet Security and Acceleration (ISA) Server 2000 could allow attackers to break installations of these products so that they would stop responding to internet requests.
An update has also been issued for users of Proxy Server 2.0 and ISA Server 2000, and the vulnerability has been classed as important because of its potential for creating Denial of Service attacks.
"An attacker on the internal network could send a specially crafted packet that would cause the server to stop responding to internal and external requests.
"Receipt of such a packet would cause CPU utilisation on the server to reach 100 per cent, and thus make the server unresponsive," the company warned.
A patch for this vulnerability is available here.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago