Microsoft patches two critical flaws

17.01.2006

As part of its monthly security update, Microsoft Corp. last week released software patches for two critical vulnerabilities in its products.

The more serious of the two flaws is a remote code-execution vulnerability affecting Outlook and Exchange Server. The problem involves the way the software decodes message-formatting instructions stored in the Transport Neutral Encapsulation Format (TNEF), which is used when e-mail is transmitted in the Rich Text Format.

The flaw could allow an attacker to gain complete administrative control of compromised systems, according to Microsoft. The company said in a security bulletin that the vulnerability could be triggered when an end user opens or previews a malicious e-mail message or when Exchange Server processes such a message.

What makes the TNEF flaw particularly dangerous is the fact that it doesn't require any action by users in order to be exploited, said Michael Sutton, director of VeriSign Inc.'s iDefense Labs unit in Reston, Va.

"All that needs to take place is for an e-mail to get sent to a server," Sutton said.

But exploiting the flaw likely won't be easy, said Alain Sergile, technical product manager for the X-Force team at Internet Security Systems Inc. in Atlanta. "We think that from a software engineering perspective, it will be fairly complicated to exploit, but it is feasible," Sergile said.

The other flaw disclosed last week involves the way that Windows handles embedded Web fonts. Microsoft said attackers could exploit the vulnerability by constructing malformed Web fonts and then tricking users into visiting malicious Web sites or viewing specially crafted e-mail messages.

In a related matter, details of two new flaws in the way that Windows renders images in the Windows Metafile (WMF) format were posted on the Web. But security researchers said those vulnerabilities are far less serious than the one that Microsoft patched two weeks ago, ahead of its monthly update release.

"This is only getting any attention because it's WMF and Microsoft just released a WMF patch," said Russ Cooper, a senior information security analyst at Cybertrust Inc. in Herndon, Va., and editor of the NTBugtraq mailing list.

-- Robert McMillan of the IDG News Service contributed to this story.