Other researchers confirmed that attacks were increasingly coming from compromised Web sites.

Microsoft noted the upswing in attacks on the company's late Saturday. "The trend for now is going upwards," said researchers Ziv Mador and Tareq Saadecom on the blog. "We saw a huge increase in the number of reports today compared to yesterday."

Hackers have been exploiting a data binding bug in IE for , according to researchers who first noted in-the-wild attack code on . The vulnerability, which of the Microsoft browser, including IE5.01, IE6, IE7 and IE8 Beta 2, has so far been exploited only by attack code that targets IE7, the most widely-used edition.

Mador and Saadecom said that attacks are increasingly being launched from legitimate Web sites. "Some legitimate Web sites were maliciously modified to include the exploits," the two said. A popular Taiwanese search engine and a Hong Kong-based pornography site were among the sites hacked, then set up to attack visitors running IE.

Researchers at also reported a big increase in hacked sites serving exploits aimed at the new IE bug. On Saturday, the security firm estimated that about 6,000 sites have been infected so far, noting that the count was "quickly increasing in number."