Confirmed: createTextRange vulnerability is being exploited
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=JS%5FDLOADER%2EBXR&VSect=P
I do note on the diagram that it stipulates that only the "January edition" of Internet Explorer 7 Beta 2 Preview is vulnerable.
There has been a lot of confusion about whether the March build (that is, 5335.5) is vulnerable to the createTextRange exploit because, despite the MS Security Blog and the Technet article noting that IE7 Beta 2 Preview Mix06 Build is not affected, other sites stated that the IE7 Beta 2 Preview was affected without stipulating build, and some stated IE7 Beta 2 (not the Preview) was vulnerable ... umm, guys... IE7 Beta 2 hasn't been released to the public yet.
Now, if only MS would update their own advisory (http://www.microsoft.com/technet/security/advisory/917077.mspx) which, although it states that IE7 build released on March 20 is not affected, does not list earlier versions of IE7 in the "Related Software" list.