An unpatched security hole in Internet Explorer that is being exploited by hackers potentially affects all versions of the browser, Microsoft says.
When the flaw was originally discovered it was thought it only affected Internet Explorer 7. In an updated advisory, Microsoft warns users that it potentially affects all Internet Explorer users, including those using beta 2 for IE 8.
The advisory also tells users how they can better protect their systems from attack with workarounds, in the absence of an existing security patch.
The company recommends setting the internet zone security setting on browsers to "high", and using access control lists to counter the malware.
If users' computers are compromised by the malware, remote attackers could have access to their machine's data.
Microsoft has not said when it will be ready to issue a patch. Its next official monthly patching date is 13 January, but something is expected before then.