Malware writers have been busy creating the Clunky-B and Delf-LT Trojans, which exploit unpatched bugs in Microsoft Internet Explorer. All users are required to do to get infected is to visit a spoof website without clicking anything.

Microsoft was expected to release an emergency patch to cover the flaw this week, as most anti-virus companies consider that the flaw rates an 11 on a scale of one to 10.

Microsoft is supposed to issue a round of security patches next Tuesday, but it is not clear that the flaw will be tackled in that wave either.