http://milw0rm.com/exploits/7403
Played around with it, got code exec in Vista SP1:
http://www.offensive-security.com/0day/iesploit-vista.rar
Updated my Vista Box:
After fully patching my box, the exploit was still working, giving full code exec. Yikes.
