By Help Net Security
CoreLabs initially discovered the vulnerability in Internet Explorer as part of its ongoing research efforts. The flaw specifically affects IE versions 5, 6 and 7 under Windows 2000/2003/XP and Vista. Although it is present, the vulnerability cannot be exploited when a vulnerable version of IE is used in a security-enhanced mode called Protected Mode. Protected Mode is enabled by default in IE 7 for Vista. At the time of the original report, Internet Explorer 8, then in the pre-release Beta phase, was also found to be vulnerable. However, the problem was fixed in the commercially released version of IE 8 and this version is therefore no longer vulnerable.
Source: Help Net Security