Microsoft says it will not adapt Internet Explorer to stop malicious Java dialog boxes appearing on trusted sites that users have accessed.
The problem, reported by security research company Secunia, affects all browsers and not just Internet Explorer.
The boxes are a phishing attempt to get users to enter sensitive data such as passwords, which can be forwarded to remote fraudsters.
Microsoft is the first company to react to the threat, via an advisory on its TechNet site.
The company said the threat was not a result of a bug in its browser, but could only happen as a result of standard browser functionality.
It said users could tell that a dialog box that popped up was false by the lack of an address bar and a lock icon.
Microsoft has instead referred users to two sites that inform users about how to spot such spoofing attacks.
A firewall installed on users’ machines would help to prevent the rogue code being downloaded in the first place.