The good news is that to use this exploit your PC already has to be comprised pretty badly.  The attacker must already have to the ability to run binaries on your system as there is a significant amount of code that needs to be loaded in order to run this particular exploit.  Unfortunately once they do have that control, they can thoroughly disable your anti-virus, even if you are running without administrative privileges.  Consider it the second part of a two step attack with the first attack coming through an ActiveX or Acrobat (etc) drive by exploit.  The attack goes straight for an exploit in the System Service Descriptor Table, a tried and true method for rooting PCs running Windows.  You can get some more technical info by following the link from The Register.

“Researchers say they’ve devised a way to bypass protections built in to dozens of the most popular desktop anti-virus products, including those offered by McAfee, Trend Micro, AVG, and BitDefender.

The method, developed by software security researchers at matousec.com, works by exploiting the driver hooks the anti-virus programs bury deep inside the Windows operating system. In essence, it works by sending them a sample of benign code that passes their security checks and then, before it’s executed, swaps it out with a malicious payload.”

Here is some more Tech News from around the web:

Tech Talk