Just fyi:

Microsoft Security Advisory (972890)
Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution

Disclosure/Writeup:

http://www.rec-sec.com/2009/07/06/ms-directshow-msvidctl-exploit/

MSF exploit:

http://trac.metasploit.com/changeset/6750