A recent video submission by Abysssec demonstrates the Internet Explorer CSS 0day currently rampaging  – reliably working on Windows 7 and Vista. The exploit bypasses DEP and ASLR without the use of any 3rd party extensions.

Internet Explorer CSS 0day on Windows 7 from Offensive Security on Vimeo.