New bugs in Windows Vista, Internet Explorer

null
The bug in IE7 also affects the previous version of Microsoft's web browser and could be exploited in phishing attacks

Microsoft is investigating two new security flaws in Windows Vista and Internet Explorer 7 following warnings from a group of French security experts - the French Security Incident Response Team .

The security flaw in Windows Vista affects the way the operating system handles user permissions. It could be exploited by a hacker to gain access to protected files on a computer. The bug also affects Windows XP, Windows 2000 and Windows Server 2003.

Similarly, the flaw in Internet Explorer 7 affects version 6 of the web browser as well, and could be exploited in phishing attacks.

Microsoft said it doesn't regard these security flaws as high-risk but it is investigating the problems. A spokesperson said there may be a security patch for these flaws included in Microsoft's next Security Update , due on 13 March.