Microsoft is asking users of Internet Explorer and Windows XP to patch security holes.
Microsoft has rated the Internet Explorer vulnerability "critical." The flaw, which affects versions 5.01, 5.5, and 6.0, requires a Web browser to visit a Web site designed to exploit the flaw. If that happens, operators of the site could steal data from or gain control of the user's system. Microsoft has released a cumulative patch that's available at
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/ms03-004.asp.
A second flaw, found in Windows XP, and deemed "important" by Microsoft, resides in the Windows Redirector software, which supports access to both remote and local files. The flaw could let an attacker run potentially malicious software or crash the system. According to Microsoft, this flaw can't be used by attackers to remotely attack the system. A patch is available at
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/ms03-005.asp.
