
This title is a bit misleading. This exploit will not be able to fully exploit anyone running on Vista or Windows 7, since Internet Explorer renderers run in low integrity processes on those operating systems (essentially, they are sandboxed). No one has released a second exploit that would escalate privileges outside of this sandbox.

If you are running IE on Windows XP and you've taken no other steps to protect yourself (like running EMET, SandboxIE, or another mitigation), then it's your own damn fault that you got owned. On the other hand, take a look at how many exploits for IE that Rapid7/Metasploit has that support Windows 7: 0.



Are you sure about that?

The article specifically states that on Windows 7 the attacker obtains the privileges of the current user.

Microsoft's advisory agrees:

http://technet.microsoft.com/en-us/security/advisory/2757760

"The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer."

What's more, most people run with administrator privileges on Windows 7/Vista/XP because that's the default.


Yes, I'm sure that my analysis was correct. IE8+ on Vista+ run IE renderers in Low Integrity, which means read-only access. It's not possible to further compromise (i.e., install malware on) the exploited machine without a second exploit that escalates integrity levels to medium.



