As a result, the software giant says it is speeding up its plans to patch the flaw, but is advising users to apply an interim workaround to prevent the problem from being exploited by cybercriminals.
Reporting on the announcement, security researcher Brian Krebs said last night that Microsoft noticed the pace of attacks tapping the exploit has picked up, "with more than 10 000 distinct computers having reported seeing this attack at least one time."
"If you run either Windows XP or Server 2003, I'd encourage you to consider running Microsoft's stopgap Fixit tool to disable the vulnerable help center component", he said in a security blog posting.
According to Krebs, the component disabled in the workaround can be re-enabled following the Microsoft instructions on the relevant pages.
"Users who apply this fix don't need to undo it before applying the official patch once it becomes available, which at this rate probably will be on Tuesday, July 13", he said.