Putting the fun in browser fun

Matt Miller posted to the Metasploit Blog about a technique that allows arbitrary code execution in Internet Explorer using any fatal unhandled exception. Every Internet Explorer denial of service flaw is exploitable if MS06-051 has not been installed. More information can be found in the Uninformed Journal article.