A security researcher has discovered two fairly serious flaws in Microsoft's Internet Explorer browser and Mozilla's Firefox.

Michal Zalewski, who posts to a security mailing list, says that the browsers' flaws could allow hackers to get data by luring users to malicious websites.

Microsoft has already confirmed that the flaw is present, and does allow a hacker to grab files off a PC's hard drive, but only if their locations are known.

The company is taking "appropriate action".

Firefox is afflicted by a similar flaw, as well as a second one that Zalewski calls "severe" and could allow hackers to alter cookies stored on a PC.

This means that a hacker could tamper with the way some sites are displayed and how they work.

However, Firefox has already come up with a fix to the problem, although it's not bee released yet; it will likely be part of Mozilla's next update.