Credit: Suwaree Tangbovornpichet / Getty Images Despite the efforts of Microsoft and independent security researchers at hunting down Internet Explorer security flaws, a previously unknown IE bug has appeared in the wild and is being used actively to hijack Windows systems, researchers said on Monday.The flaw is in IE’s vector markup language (VML), according to security firm Sunbelt Software, which has spotted an exploit popping up on several Russian-hosted porn websites.“Our security research team has observed a new zero day exploit being used to infect systems,” said Eric Sites, Sunbelt’s vice president of R&D, on a company blog.The vulnerability affects Windows and IE 6 with all patches applied, Sites said. “The exploit uses a bug in VML in Internet Explorer to overflow a buffer and inject shellcode,” he wrote. “It is currently on and off again at a number of sites.”The exploit in circulation installs spyware and attempts to hijack systems to be used in botnets, according to researchers. Sites said research is ongoing, and that Microsoft had been informed of the issue. Users can mitigate the problem by turning off JavaScript, according to Sites.-Matthew Broersma, Techworld.com (London) Related content brandpost Sponsored by Dell New research: How IT leaders drive business benefits by accelerating device refresh strategies Security leaders have particular concerns that older devices are more vulnerable to increasingly sophisticated cyber attacks. By Laura McEwan Dec 08, 2023 3 mins Infrastructure Management case study Toyota transforms IT service desk with gen AI To help promote insourcing and quality control, Toyota Motor North America is leveraging generative AI for HR and IT service desk requests. By Thor Olavsrud Dec 08, 2023 7 mins Employee Experience Generative AI ICT Partners feature CSM certification: Costs, requirements, and all you need to know The Certified ScrumMaster (CSM) certification sets the standard for establishing Scrum theory, developing practical applications and rules, and leading teams and stakeholders through the development process. By Moira Alexander Dec 08, 2023 8 mins Certifications IT Skills Project Management brandpost Sponsored by SAP When natural disasters strike Japan, Ōita University’s EDiSON is ready to act With the technology and assistance of SAP and Zynas Corporation, Ōita University built an emergency-response collaboration tool named EDiSON that helps the Japanese island of Kyushu detect and mitigate natural disasters. By Michael Kure, SAP Contributor Dec 07, 2023 5 mins Digital Transformation Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe