The security flaw in Windows Vista affects the way the operating system handles user permissions. It could be exploited by a hacker to gain access to protected files on a computer. The bug also affects Windows XP, Windows 2000 and Windows Server 2003.
Similarly, the flaw in Internet Explorer 7 affects version 6 of the web browser as well, and could be exploited in phishing attacks.
Microsoft said it doesn't regard these security flaws as high-risk but it is investigating the problems. A spokesperson said there may be a security patch for these flaws included in Microsoft's next Security Update , due on 13 March.