The software giant estimated on Saturday that about 0.2 percent of worldwide IE users have surfed to websites that are hosting the exploit, according to the Microsoft Malware Protection Center blog. That number was up 50 percent from the prior day.
Researchers Ziv Mador and Tareq Saade said cybercriminals have used legitimate websites, such as a popular Taiwanese search engine, and a number of pornography sites to host the attack.
The vulnerability was announced Wednesday -- one day after Microsoft issued its monthly round of security fixes -- and affects all supported versions of IE, including the beta version of IE8. The flaw, according to Microsoft's advisory, relates to an invalid pointer reference in the data-binding function of IE.
Roughly 6,000 sites have been seeded with the malicious code, often to launch SQL injection attacks against visitors, Ivan Macalintal, advanced threats researcher at Trend Micro, said in a Saturday blog post. He said one of the infected sites was for a popular Chinese sporting goods retailer.
Users are encouraged to apply suggested workarounds detailed in the advisory.