Microsoft and US government internet security agency the Computer Emergency Readiness Team (US-CERT) are warning of attacks launched by compromised websites running Microsoft's Internet Information Server (IIS) 5.
US-CERT said it is "aware of new activity" involving websites running IIS 5.
"This file may contain malicious code that can affect the end user's system. US-CERT is investigating the origin of the IIS 5 compromises and the impact of the code that is downloaded to end-user systems," the organisation said.
US-CERT, a partnership between the Department of Homeland Security and the public and private sectors, coordinates defence against and responses to cyber-attacks.
Microsoft is investigating a report that some customers using IIS 5.0 are being exploited by an issue known as Download.Ject.
It said early indications are that IIS 5.0 Servers which have not been updated with security update MS04-011 are possibly under attack. Customers should ensure they have installed MS04-011 to be secure from the issues addressed in that update.
"Microsoft has confirmed that this exploit seeks to alter web pages offered by an IIS 5.0 Server, which in turn exploits vulnerabilities in Internet Explorer [IE] and delivers malicious code to visitors of an affected website," the company said.
"IE customers should download and deploy MS04-013 to ensure they have the most recent security updates for IE. In addition, IE customers should utilise high security settings."
BT wants to make the public switched telephone network history within eight years
Personal data being purloined by third parties via Facebook Login API
MacOS and iOS are better off apart, says CEO Tim Cook
Or they'll no longer be entitled to updates and bug patches