"Microsoft is aware of research concerning an industry-wide issue affecting certain implementations of the XML encryption standard. We continue to evaluate our products to determine which applications, if any, use the implementation approach in question," a company spokesman said.

The software giant doesn't yet have any recommendation to make. "We will provide guidance concerning Microsoft's XML implementation to third-party developers as appropriate," the spokesman added.

The researchers claim that there is no simple fix for the problem and the standard needs to be changed. Nevertheless, they will try to summarize some countermeasures in an upcoming paper.