Elements of Russian organized crime have taken the lead in exploiting Microsoft's .ANI bug, and the hackers are trying to lure users to malicious Web sites with new promises of nude pictures of celebrities like Paris Hilton and porn star Jenna Jameson.

The lures are being spammed out by the same underground hackers group that last week used a similar ploy with promises of pictures of a a naked Britney Spears, according to Sophos, Inc., a security company with U.S. headquarters in Burlington, Mass.

The spammed out e-mail messages have subject lines like, "Hot pictures of Paris Hilton nude" and contain an embedded image, not of the hotel heiress who is famous for being famous, but of porn star Jenna Jameson. If users click on the image in the e-mail, the link takes them to a Web site containing the Iffy-B Trojan, which then points the user's computer to another piece of malware that tries to exploit the Microsoft vulnerability.

"The problem is that consumers and businesses may not yet have patched themselves against this vulnerability, and clicking on unsolicited e-mails like these could lead them to a nasty malware infection," said Graham Cluley, senior technology consultant for Sophos, in a written statement.

Microsoft released an emergency patch for the .ANI bug last week. Security professionals, though, are concerned that users who are slow to patch will become new victims as attacks on the vulnerability continue to surge. Dan Hubbard, VP of security company Websense, said in an interview that the patch hasn't slowed the creation of new exploits. They're still coming online at an alarming rate.

"We're seeing a little over 2,000 sites that have exploits or point to exploit code in one way or anther," said Hubbard, who last week reported that there were 700 malicious sites online. "The patch definitely helped. It went from 100% of people with Internet Explorer being vulnerable to a smaller subset. It didn't slow the attacks. It just made their success rate lower."