Microsoft has released an Security Advisory 2490606 for a publically known remotely-exploitable vulnerability in Microsoft Windows graphic rendering engine. Microsoft Windows Vista, Server 2003 and Windows XP are affected by this security hole. windows 7 and windows Server 2008 Rc2 Operating systems are not affected by this exploit.
The security hole can be exploited only if user open a malicious web page, PowerPoint or Microsoft word file. Once your system is hacked then hacker can install programs, view, change, or delete data, or create new accounts with full user rights.
A patch for this problem is not available right now, but we can hope to get it next scheduled Patch Tuesday.