Microsoft is investigating two new security flaws in Windows Vista and Internet Explorer 7 following warnings from a group of French security experts - the French Security Incident Response Team .

The security flaw in Windows Vista affects the way the operating system handles user permissions. It could be exploited by a hacker to gain access to protected files on a computer. The bug also affects Windows XP, Windows 2000 and Windows Server 2003.

Similarly, the flaw in Internet Explorer 7 affects version 6 of the web browser as well, and could be exploited in phishing attacks.

Microsoft said it doesn't regard these security flaws as high-risk but it is investigating the problems. A spokesperson said there may be a security patch for these flaws included in Microsoft's next Security Update , due on 13 March.