Microsoft is currently investigating two high-risk flaws that have been reported by security specialists’ eEye Digital Security. The flows hit Internet Explorer and Outlook programs.
According to eEye’s security alerts, the security holes could let an attacker execute remote code with no action from the user. The holes affect the default installations of Internet Explorer and Outlook running on Windows NT 4.0, Windows 2000, Windows XP or Windows Server 2003.
Both flaws were reported to Microsoft on March. As yet, Microsoft has not issued any patches.
“At this time, Microsoft is not aware of any malicious attacks attempting to exploit the reported vulnerabilities, and there is no customer impact based on this issue,” Microsoft said.
Microsoft has advised users to ensure their firewall is activated and recommended that users visit its website for tips on how to protect themselves.