Web monitoring firm Websense reported that a Swedish-hosted website has been engineered with malware built in that exploits a flaw in unpatched versions of Internet Explorer. The flaw allows hackers to gain complete control of PCs visiting the infected site.
"At this time, malicious websites have been observed to exploit this vulnerability by downloading and running code on the end user's machine," said the company in a statement.
"We expect to see additional exploits of MS05-038 in the near future, as it is very new and allows privileged access to the machine."
The website containing the code purports to be advertising pharmaceutical products and its URL has been spammed out to millions of inboxes. Owing to a small flaw in the malware, visitors to the site will also suffer a browser crash.
This is the second Microsoft patch to be cracked in less than a week. Exploit code for another patch appeared on Friday and by Monday had been used in a worm that is hitting Windows 2000 systems particularly hard.
NatWest outage comes a day after Barclays' IT systems shut out customers and staff
The ICO is concerned with AggregateIQ's retention and processing of data used in the Brexit referendum
Map selection, quick menus for grenades and healing items and automatic reload coming in PUBG update #22
Could be used for everything from search-and-rescue robots to wearable tech