Will Dormann from CERT/CC is credited with the discovery.

This exploits executes calc.exe