Security experts have advised internet users to either turn off some Internet Explorer features or to use another browser. Unknown attackers who had taken control of several Web servers used the flaw last week to install a remote-access program, dubbed JS.Scob.Trojan, onto the PCs of visitors to those sites.
"I hope that Microsoft will come up with a patch soon," said Johannes Ullrich, chief technology officer for the Internet Storm Center, a site that monitors network threats. "Until they do, you basically have two choices: Disable JavaScript in Internet Explorer or install another browser."
More here.