One vulnerability, in the operating system's LoadImage function, could enable an attacker to compromise a victim's PC when the computer displays a specially crafted image placed on a Web site or in an e-mail. The other vulnerability, in the Windows Help program, likewise could affect any program that opens a Help file.
Because the flaws are in a library used by Windows programs, almost all browsers and e-mail clients are likely affected by the flaws, said Alfred Huger, senior director of engineering at Symantec.
"They are rather serious," Huger said. "Both can be exploited by anything that processes images or reads help files."
Del med dine venner