Microsoft is looking into a vulnerability, found in its IE 6, IE 7 and IE 8 browsers, which could let attackers gain administrative user rights on Windows-based computers and let them host malicious websites.
According to the Redmond-based company, the bug does not affect the IE 9 and IE 10 browsers, according to Microsoft.
The company said in a statement that it is aware of targeted attacks that try to exploit this vulnerability through Internet Explorer 8.
"The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer," added Microsoft.
"An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website."
Engineers of the company have recommended techniques for checking the vulnerability.
Security advisor FireEye said that the site had been a host to the malicious code since December 21.