The bug, discovered this week by a Colorado programmer, lets certain Java applications send and receive images on the Internet through the Microsoft browser. The hacker must know the location and site of the image he or she wants to alter.
For example, a disgruntled former employee could take advantage of the bug to set up a Web site, which he asks former co-workers to visit. When the workers visit the site, the disgruntled worker could link back to his former employer's network and steal images from within the company. Microsoft said it is still trying to determine whether the glitch only affects image files.
The bug is found in Internet Explorer 3.x and 4.0 and affects the Windows 95, NT and 3.1 operating systems. Apple Computer Inc.'s Macintosh platforms are not in danger, Microsoft said.
Microsoft said the bug only affects image files, and it plans to post any additional information at its Web site.