Attackers flock to Internet Explorer VML exploit