The exploit is currently being used to distribute the following threats: Trojan-Downloader.Win32.Agent.abs Trojan-Dropper.Win32.Small.zp Trojan.Win32.Small.ga Trojan.Win32.Small.ev. Some of these install rogue anti-malware programs. You might want to block these sites while waiting for a Microsoft patch: Crackz [dot] ws unionseek [dot] com www.tfcco [dot] com Iframeurl [dot] biz beehappyy [dot] biz toolbarbiz[dot]biz toolbarsite[dot]biz toolbartraff[dot]biz toolbarurl[dot]biz buytoolbar[dot]biz