Read the article, but the gist of it is that a fully up-to-date Windows system, if browsing a malicious site containing the exploit, can be made to execute arbitrary code that the attacker has intended on your system. Quoting from the article:
The proof-of-concept exploit, which is available from the FrSirt site, currently launched the Windows Calculator (calc.exe) but can be easily modified by malicious hackers.
What I’d really like to see is someone modifying the proof-of-concept exploit to instead fetch a copy of Firefox, perform an unattended install of it, then rename IEXPLORE.EXE (the MSIE executable) to something else and replacing it with a copy of FIREFOX.EXE. Of course, I’m sure anyone who did such a thing could go to jail because there’s no distinction made between “good hacking” and “bad hacking” in our lovely legal system. You know, the same legal system that lets killers walk free but makes hackers go to jail.