Dangerous new exploits in Internet Explorer could put PCs and data at risk, Microsoft has confirmed.
All three flaws affect the software giant's Internet Explorer browser and the flaws – for which code has already been published on the internet, could be exploited to set an a virus free on the internet.
Potential viruses would come as an email attachment that conceals the code, or even redirect users to a site that will unleash the code on an unsuspecting person's PC, leaving the computer open to a remote attack. Once the PC is being controlled by a malicious user, it can then be used to launch attacks on other PCs which is also known as the machine being a 'Zombie'.
Microsoft said it would produce patches for the vulnerabilities in its next security update due on 11th of April, which shows that even fully patched versions of Internet Explorer 6 are vulnerable to the flaw, it seems, as are users with XP Service Pack 2.
Security firms said specially written websites and hijacked servers were already being used to host the malicious code that uses the loopholes to invade vulnerable machines.
In security bulletins about the trio of bugs, Microsoft played down the threat and said: "The attacks are limited in scope for now."
To avoid falling victim to any attack, Microsoft urged users to avoid websites they did not trust and to refrain from opening attachments on e-mail messages from unknown senders.