*HEADS UP* - 0 day Microsoft DirectShow vulnerability .
Original advisory issuer : http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799
A 0-day exploit within the msVidCtl component of Microsoft DirectShow is actively being exploited through drive-by attacks using thousands of newly compromised web sites, according to CSIS. The code has been published in the public domain via a number of Chinese web sites.
ISC : http://isc.sans.org/diary.html?storyid=6733
This isn't up on secunia as of now.