The flaw in IE10 that we reported on February 14, 2014, which then was confirmed by Microsoft a few days later as affecting both IE9 and IE10, has gone from a limited to a full-on attack.
Symantec today is warning the public that the 'Snowman' zero-day is spreading at an increased rate. The original intent of the exploit code was obtained from compromised web sites and it was limited in scope. However, since February 22nd, the attacks started to increase in intensity targeting many parts of the world.
Microsoft has yet to supply a true patch for the flaw, but still maintains that the Fixit solution released on February 20th or upgrading to IE11 are the best choices to protect computers, for now.