Last Tuesday Microsoft released a Security Bulletin (MS09-002) for critical vulnerabilities which affected its Internet Explorer browser. The vulnerability exists because of improper error handling when accessing deleted objects and allows remote code execution through a specially crafted website.
This week a few websites in China started to actively exploit this vulnerability and the malware (jc.exe & wininet.dll) is detected as Spyware/Virtumonde. The websites involved in this example have been blocked by Panda’s Identity Protect Technology, which will block Panda's users before reaching the exploit sites.
We recommend applying Microsoft's patch immediately.