The cursor exploit which Microsoft is having so much fun with has become much more popular among exploiters lately. According to some estimates, there are more than 2,000 sites using this exploit to one end or another. Websense, who gathered these statistics, says that these sites are either directly hosting exploit code or are redirecting to sites with the code, and that the number of infected sites has risen dramatically since the exploit was made public last month.
Microsoft did release an emergency fix, outside of their regular patch cycle. How many people are unpatched or are unable to patch? Probably a lot, especially with the number of companies that delay patching for compatibility reasons. The nature of this exploit is such that immediate patching is a good idea, especially since it requires no interaction beyond visiting a compromised site. As the article mentions, it may be a long time before we see the end of this one.