The software giant said in the revised advisory that it "is currently aware of limited attacks that use this exploit code." The vulnerability first was disclosed last Monday on the exploit repository Milw0rm.
In addition, the company is monitoring new proof-of-concept code that was created to launch denial-of-service attacks against vulnerable IIS versions 5.0, 5.1, 6.0 and 7.0, a Microsoft spokeswoman said Friday.
Users should be aware that IIS 7.5 is available for download on Vista and Server 2008 builds, said Alan Wallace, senior communications manager at Microsoft, in a post on the Security Response Center blog.
In its advisory, Microsoft recommends workarounds but admits they may not be completely effective to stop a DoS attack.
"We're working to develop a security update," Wallace said. "This update will be released once it reaches an appropriate level of quality for broad distribution."
Microsoft is scheduled to release its monthly security fixes on Tuesday, but a patch for this issue is not expected then.