World of Warcraft players are being targeted by hackers exploiting flaws in how Windows handles animated cursors.
World of Warcraft has become hugely popular around the globe
The flaw came to light in late March and lets attackers take over vulnerable PCs via booby-trapped websites.
Warcraft players seem to be one of the targets because accounts for the game are potentially worth significant sums of money.
Microsoft has issued a patch for the flaw early to combat the rising number of attacks.
Security firms tracking how criminal hackers are exploiting the cursor flaw suspect there are many websites hosting the code that can be used to take over vulnerable PCs.
Some of the sites have been specially created but others have been hacked to be unwitting hosts for the infection.
The potential for the flaw to do harm grew significantly with the discovery of a website that automatically generates all the attack files needed to turn a site into a booby-trap.
A large number of criminally-minded hacking gangs are cashing in on the flaw.
One Chinese group known to be using the animated cursor flaw scored some success in February when it managed to hack a Superbowl website and use it to host code for spyware.
Analysis of that malicious software showed that it lay dormant on a victims machine until they ran World of Warcraft (WoW) at which point it captured login data and sent it to the hacking group.
There is a ready market for card data on the net
The group's enthusiastic use of the cursor flaw suggests it is trying to do the same again.
The online fantasy game now has more than eight million active players around the world.
Research by security firm Symantec suggests that the raw value of a WoW account is now higher than a credit card and its associated verification data.
One card can be sold for up to $6 (£3) suggests Symantec, but a WoW account will be worth at least $10. An account that has several high level characters associated with it could be worth far more as the gold and rare items can be sold for real cash.
In a bid to head off the growing threat from the animated cursor flaw, Microsoft took the unusual step of releasing a patch for the bug on 3 April.
Usually Microsoft issues security patches on the second Tuesday of every month. The patch for the cursor flaw arrived a week early and Microsoft has been preparing it since December when the bug was first reported.
Windows users can get the patch via automatic updates or visit Microsoft to download it manually.
On its security blog, Microsoft said the patch was released early "to help better protect customers from this threat".
The software giant urged Windows users to download and install the patch.
It said there was a chance that attacks via the vulnerability would increase but had seen little evidence of widespread use yet.