Microsoft is urging Windows users to update their systems with the latest security patches it has released to fix three critical flaws in its software.
The flaws mostly affect Windows 2000 and Internet Explorer. Users with updated Windows Server 2003 and XP systems are not as much at risk.
If left plugged in, they could allow hackers and virus writers to take control of personal computers remotely.
Microsoft releases security bulletins regularly to alert people to updates.
The most serious of the flaws are awarded a "critical" status.
Open to attack
The first of the three flaws applies to Internet Explorer users. The loophole could leave a computer open to a virus or worm attack, which could then let an attacker take complete control of an affected computer.
A vulnerability was also found in the Print Spooler service and the Plug and Play (PnP) hardware detection feature in Windows, both of which could leave systems open to attack and vulnerable to remote control.
Users are being urged to download the patches to fix the flaws. Most security updates happen automatically if the auto update function is activated in Windows software.
Graham Cluley, senior technology consultant at net security firm Sophos, said that Windows users should "sit up, listen and take action."
"Although we have seen no malicious code in the wild yet which exploits these critical security holes in Microsoft's code, we have seen malicious worms and hackers follow these announcements very soon after the vulnerability's disclosure."
He added: "Fortunately with Windows XP SP2 it is easier to keep your computer up-to-date with security patches than ever before."