The MsVidCtl 0day has been passed around and fully distributed since at least the 6th. We have been monitoring multiple groups abusing Internet Explorer’s capability to render streaming video.
The payloads vary, from adware to social network credential stealing. ThreatFire has been preventing the exploit within the community from the start. We anxiously await a hotfix, something past the killbit workaround. Georg Wicherski points out that the vulnerability is a trivial one, in which the attacker can abuse the SEH handler. But really the current heap spray attack code that we have seen is reliable and less effort to implement with the spray. What has worked in the past will continue to be put out in prevalence!
In the meantime, your information is safe and protected against observed and unknown exploits attacking this vulnerability with ThreatFire.