Microsoft has issues a warning about a flaw that could put websites at risk of attacks.

The problem affects Windows XP Professional SP2, Windows Server 2003, Windows Vista and Windows Server 2008.

It is a web server flaw, which causes a "privilege elevation problem" - in other words, it could open websites to attack by giving a visitor the same access rights as privileges to that of the LocalSystem administration tool.

The problem exists in Windows' handling of code within its Internet Information Services (IIS) and SQL Server, reports VNU.

Microsoft has not received any reports of any attacks targeting this vulnerability as yet.

The computing giant is now deciding on whether to issue a patch immediately or wait until its next scheduled security update on 13 May.