Microsoft Security Advisory (972890): Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution.

What does this mean?  Zero day means the bad guys were exploiting it BEFORE anyone else knew about it.  What this flaw menas is that if you visit a website that is hosting video and the video files are necoded in mpeg2(most dvd format movies among others use this) then the video itself can ahve code in it that wil execute and can take over your system without your knownledge.

MIcrosoft and the world, when are you going to realize that you cannot have things able to access the kernel from the browser directly?  It doesn’t matter how many layers of security you put around it a way is going to be found for this exact type of thing to occur.

How do you get around this?  if you are running IE go here. Click the button under enable workaround and install the package.  There is no automated update from Microsoft yet.