Microsoft says it is not to blame for a rash of web server attacks that have affected half a million web pages.
When web surfers visit the affected pages, their computers have been hit by malware.
And online reports suggest that UN and Government sites are amongst those that have been targeted.
It had been suggested that vulnerabilities in Microsoft's SQL Server software were being exploited in the attacks.
But the company has now firmly refuted this allegation.
Speaking on The Microsoft Security blog, Bill Sisk, of the Microsoft Security Response Center said: "Microsoft's investigation has shown that there are no new or unknown vulnerabilities being exploited".
"This wave is not a result of a vulnerability in Internet Information Services or Microsoft SQL Server. The attacks are facilitated by SQL injection exploits and are not issues related to IIS 6.0, ASP, ASP.Net or Microsoft SQL technologies."
The entry also offers advice to those who have been hit by the attacks.