After hearing of the software vendor's change in plans, Kesner said he was "very excited and glad that Microsoft broke its usual schedule" of releasing patches on the second Tuesday of each month. IT workers at Fenwick & West met on Thursday to discuss plans for testing and rolling out the WMF patch on an emergency basis.

Dave Jordan, chief information security officer for Virginia's Arlington County, said Thursday afternoon that staffers there had already started testing different versions of Microsoft's patch and planned to deploy them as quickly as possible.

WMF is a 16-bit image format that is processed by the graphics-rendering engine in Windows. The flaw came to light in late December after security vendors began detecting exploit attempts. Attackers could use the vulnerability to run malicious code on vulnerable machines, steal data from infected systems and turn the computers into zombies for relaying spam and other malware, according to advisories from Microsoft and security researchers.

There were no known reports of widespread attacks on corporate systems, and Microsoft listed 11 security vendors that claimed their antivirus tools could protect users from attempts to exploit the flaw. But some security vendors pegged the total number of attack methods targeting the vulnerability at more than 200 as of Thursday. The escalating number of attacks prompted some security researchers to recommend that companies immediately download the unofficial patch developed by Ilfak Guilfanov, a programmer who works in Belgium.

For example, Bethesda, Md.-based SANS Institute made Guilfanov's patch available on its Web site and urged IT managers to download it. The unofficial patch had been downloaded more than 120,000 times as of last Wednesday, said Johannes Ullrich, chief technology officer at the Internet Storm Center threat-monitoring service operated by SANS.