An unpatched flaw in some Internet Explorer versions is being actively used by attackers, who are installing on Windows systems nasty code, a new report has unveiled.

Microsoft has been claiming that it is now working on to fix the error. Saturday, the company said that engineers have been offering temporary workarounds unless and until a permanent fix is found.

As per the findings, the versions of IE affected by the bug include IE 6, IE 7 and IE 8. However, IE 9 and IE 10 browsers are still in the safe zone. It is being said that the company knows about the targeted attacks, the aim of which is to misuse the weakness and susceptibility through Internet Explorer 8.

The company adds that an assailant would probably be able to own a specially crafted website. The same has actually been designed with an aim to exploit this vulnerability via Internet Explorer, thereby convincing a user to visit the same.

The issue has arisen has IE reaches an object in memory, which either is deleted or is not allocated adequately. "The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer", sources quoted Microsoft as affirming.