Microsoft spokeswoman Yunsun Wee said in a statement that "the vast majority" of Internet Explorer users had not been attacked as a result of the security flaw.
The vulnerability in Internet Explorer was identified on Friday by a Luxembourg-based security researcher. His computer was infected while analyzing a computer server used last year to launch a cyber industrial espionage campaign on dozens of chemical makers and defense contractors.
Network security firm AlienVault said on Tuesday that it had discovered three other servers that hosted malicious websites that exploited the Internet Explorer flaw. It said the latest round of attacks targeted defense contractors, not the general public.
Internet Explorer was the world's second-most widely used browser last month, with about a 33 percent market share, according to StatCounter. It was close behind Chrome, which had 34 percent of the market.