Wolfgang Kandek, CTO of Qualys, urges IT admins to apply the Fix-It since it at least addresses the known attacks, but cautions them to also beware of the ongoing active threat. "IT admins in enterprises should track this vulnerability closely, as a large percentage of enterprises still run the affected versions of Internet Explorer 6, 7 and 8."
VMware's Research Development Manager, Jason Miller, suggests that IT admins make sure antimalware protection is kept up to date to guard against new attacks. He also points out that IE9 and IE10 are not affected and that one solution would be to simply upgrade to a newer version of the browser. Of course, that won't work for users still on Windows XP or older versions.
Storms expects Microsoft to release an out-of-band patch within the next couple of weeks to address the IE zero-day.