IE10 with HiASLR/AntiROP/DEP & Prot Mode sandbox bypass (Flash not needed)."
The firm specializes in finding vulnerabilities in software, most notably from companies like Microsoft, Apple and Adobe.
However, Vupen is no saint. The company sells its research to third-parties, normally in governments and companies, without sharing the details with the affected software makers. The software makers can also purchase the research, and many do.
The new exploit is for the new Windows 8 OS, and also includes the Internet Explorer 10 browser. Vupen has not yet shared the details with Microsoft.