Thought I'd share the details of the following, which was posted on SANS
Internet Explorer 0-day exploit
the UK group "Computer Terrorism" released a proof of concept exploit against patched versions of Internet Explorer. We verified that the code is working on a fully patched Windows XP system with default configuration.
Arbitrary executables may be executed without user interaction.
Microsoft have posted some info here
. There's detailed info from Computer Terrorism here
You can test if you could get 0wned here