Originally reported by McAfee, the vulnerability is related to animation files played in Internet Explorer versions 6 and 7 even in fully patched systems.
There is a description of the exploit at http://vil.nai.com/vil/content/v_141860.htm
This is probably a low-level threat but the exploit has already been seen, so it is probably worth noting.
Initial reports are that Firefox 2.0 is not vulnerable and interestingly enough, unpatched XP or SP SP1 are not vulnerable.
As I said above, this is probably a minor threat at the moment, but there is already at least one Trojan using this vulnerability and it is particularly dangerous because it could quietly insert random code on a system and, unless you have security tools to warn of this, you would never know.