Despite Microsoft Corp enhancing the security of its Internet Explorer browser, another flaw has been found, making it possible to execute arbitrary software code on a networked machine using the device. The company dismissed security problems that arose with the browser last year (CI No 3,130), when a programmer showed how a single downloadable program could disable all further security measures in the browser. This discovery came just two weeks after the same programmer found a downloadable program could alter the security settings, completely disabling the browser (CI No 3,126). But although the software giant showed it was unfazed by the discoveries it set about enhancing the security measures, introducing security zones that divide the web into sections that can be defined by systems administrators (CI No 3,176). The latest bug operates on Microsoft’s mk:// protocol and adds extra characters to the system call, which then gets executed as program code. In response to the new flaw, the company has said it will try to get a patch up to stop the problem within a week, but the it is reassuring worried users that the hole is not easily exploited.