Microsoft is downplaying the threat, saying it has only seen a "very limited number of targeted attacks against a small subset of corporations." That doesn't seem to matter to France and Germany, which have warned against using Internet Explorer until a patch is available.
Websense says it has seen "limited public use" of the unpatched IE vulnerability in drive-by attacks.
According to Websense, the exploit of Internet Explorer 6 that was allegedly used last month by the Chinese to break into Google's corporate network is now being used to attack consumers. Computerworld reports that Websense says it has seen "limited public use" of the unpatched IE6 vulnerability in drive-by attacks against users who happen onto malicious Web sites.