Internet Explorer Web pages processes using the createTextRange() method is at present being exploited by attackers on thousands of malicious Web sites.  Web surfers are enticed into visiting these Web sites could have unauthorized installed software on their computers.

Microsoft has termed these attacks as limited in scope, yet the problem is being taken seriously by the company because of the exploits could eventually seize the control of a user computer.

"We're working day and night on development of a cumulative security update for Internet Explorer that addresses the vulnerability," wrote Stephen Toulouse, head of Microsoft's Security Response Center, in a Saturday blog posting.

Marc Maiffret, speaking for eEye, reportedly was critical of Microsoft taking so long to release its patch, so the company decided to release a temp patch of its own. Microsoft has suggested disabling Active Scripting, a solution that it has recommended before for similar problems, and one that presumably a large percentage of users won't be able to do.

eEye's said that its patch will remove itself automatically if users download the patch from Microsoft when it comes.