Despite the efforts of Microsoft and independent security researchers at hunting down Internet Explorer security flaws, a previously unknown IE bug has appeared in the wild and is being used actively to hijack Windows systems, researchers said on Monday night.

The flaw is in IE's Vector Markup Language (VML), according to security firm Sunbelt Software, which has spotted an exploit popping up on several Russian-hosted porn Web sites.

"Our security research team has observed a new zero day exploit being used to infect systems," said Eric Sites, Sunbelt's vice president of research and development, on a company blog.

The vulnerability affects Windows and IE 6 with all patches applied, Sites said.

"The exploit uses a bug in VML in Internet Explorer to overflow a buffer and inject shellcode," he wrote."It is currently on and off again at a number of sites."

The exploit in circulation installs spyware and attempts to hijack systems to be used in botnets, according to researchers. Sites said research is ongoing, and that Microsoft had been informed of the issue.

Users can mitigate the problem by turning off JavaScript, according to Sites.