Microsoft issued its second bulletin in two weeks to Windows business users warning of a vulnerability to the Java Virtual Machine code.
The new warning says that an attacker could place a Java applet on the victim's machine that would allow the attacker to perform any task the victim was authorized to perform.
"This could potentially include adding, changing or deleting data or configuration information," the bulletin warns.
This is the second bulletin Microsoft has issued since March 4. The first warning told users that an attacker could redirect all Web traffic from a machine by placing a Java applet on the victim's computer. That warning also said the attacker would be able to know where a victim was surfing on the Web, what actions the victim took and potentially capture the victim's passwords and other secure information.
According to the bulletin, both vulnerabilities affect only those users who access the Web via proxy servers, which means the problems will affect businesses but probably not home users. Both vulnerabilities are rated "critical" by Microsoft.
Microsoft said an update the company released March 4 should take care of both problems.