Microsoft has warned millions of its Passport users to upgrade their versions of Internet Explorer to fix a security flaw that leaves personal data vulnerable.

The company has emailed millions of users about the two month old flaw, in a bid to persuade them to visit a security test site at securitycheck.passport.com.

"The reason for the 'canvassing' approach is that we feel that we need to do everything to make users aware of fixes to browser issues that could affect their Passport experience," said a Microsoft spokesman.

The fix is meant to plug a known weakness in IE 5.5 and 6.0. In November, Microsoft warned that the flaw could expose personal data contained in cookies. The flaw could allow a hacker to access users' cookies and modify or steal data, including usernames, passwords and credit card numbers.

Passport is the foundation of Microsoft's plans for the networked future. Its .Net initiative promises a range of unified data management services, including banking and calendar services. But recent security scares are thought to have undermined its efforts to convince users that its services and software are safe.

Microsoft confirmed that it had emailed 25 million Passport subscribers and sent newsletters via Hotmail and MSN internet access accounts.