This is the first time that SANS has recommended such a course of action and it underscores the severity of the risk posed to companies by the WMF flaw, said Johannes Ullrich, chief technology officer at the Bethesda, Md.-based ISC.

Even though Microsoft has suggested several work-arounds for the problem, 'there is no effective mitigation against this vulnerability,' Ullrich said. 'It is not like you can disable a function or close a service to protect yourself' without a patch, Ullrich said.

What makes matters worse is that exploits for this vulnerability now exist, as are hacker tools designed to help such exploits sneak past anti-virus and other intrusion prevention defenses, he said. 'It's a threat that's real and is being exploited, and there is no good defense against it,' Ullrich said.

Even so, several users and analysts said that companies should avoid any unsupported or unofficial patch. That's because such third-party patches are unlikely to have been fully tested for quality and application-compatibility issues and could cause unforeseen problems down the road, they said.

'To use the old colloquialism, we are damned if we do and damned if we don't' install the third-party patch, said Matt Kesner, chief technology officer at Palo Alto, Calif.-based law firm Fenwick & West LLP. 'We have looked at Microsoft's work-arounds and they don't seem to be adequate if media and security blog reports are true,' he said.