A zero-day Internet Explorer flaw attempts to bypass ASLR (Address Space Layout Randomisation). ASLR protects against buffer overflow attacks by randomising the location where system executables are loaded into memory.

Non-ASLR modules can be loaded when the browser loads a page with ms-help:// in the URL and the module in question is not compiled with ASLR.

This is a known ASLR bypass for Internet Explorer 8/9 on Windows 7.
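The weak link in the bypass above is a module that was not compiled with ASLR. Whether a Windows module opts in is recorded in its PE optional header (the DYNAMIC_BASE bit of DllCharacteristics), and the flag only helps if the image still carries relocations. The checker below is an added example, not code from the original page; it parses the real PE/COFF header layout, and the sample images it checks are constructed minimal headers built in memory, not real files. The `scan_modules` helper is an assumed convenience for pointing it at DLLs on disk.

```python
"""Check whether a Windows PE module opts in to ASLR (DYNAMIC_BASE) and DEP (NX_COMPAT).

Added example, not code from the original page. It parses the real PE/COFF header
layout; the sample images below are constructed in-memory headers, not real files.
"""
import struct
from pathlib import Path

# Optional-header DllCharacteristics bits (winnt.h)
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
# COFF file-header Characteristics bit: relocations were stripped, so the loader
# cannot rebase the image even if DYNAMIC_BASE is set.
IMAGE_FILE_RELOCS_STRIPPED = 0x0001


def pe_mitigations(data: bytes) -> dict:
    """Return the ASLR/DEP opt-in state of a PE image given its raw bytes."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # file offset of "PE\0\0"
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4  # 20-byte COFF file header follows the signature
    size_opt, coff_chars = struct.unpack_from("<HH", data, coff + 16)
    opt = coff + 20  # optional header
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B) or size_opt < 72:  # PE32 / PE32+
        raise ValueError("unsupported or truncated optional header")
    # DllCharacteristics sits at optional-header offset 70 in both PE32 and PE32+
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    dynamic_base = bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
    relocs_stripped = bool(coff_chars & IMAGE_FILE_RELOCS_STRIPPED)
    return {
        "pe32plus": magic == 0x20B,
        "dynamic_base": dynamic_base,
        "relocs_stripped": relocs_stripped,
        "high_entropy_va": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA),
        "nx_compat": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        # ASLR is effective only if the flag is set AND the image can still be relocated
        "aslr": dynamic_base and not relocs_stripped,
    }


def scan_modules(paths):
    """Yield (path, result) for each file on disk (assumed helper for inventorying DLLs)."""
    for p in map(Path, paths):
        try:
            yield str(p), pe_mitigations(p.read_bytes())
        except (OSError, ValueError) as exc:
            yield str(p), {"error": str(exc)}


def build_test_image(dll_chars: int, coff_chars: int = 0, magic: int = 0x10B) -> bytes:
    """Constructed minimal PE header (DOS stub + COFF + optional header) for testing."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: PE signature right after DOS header
    # Machine=i386, 0 sections, no timestamp/symbols, 96-byte optional header, flags
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 96, coff_chars)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 70, dll_chars)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    samples = {  # constructed sample images
        "hardened.dll": build_test_image(
            IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "no_aslr.dll": build_test_image(IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "flag_but_no_relocs.dll": build_test_image(
            IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_FILE_RELOCS_STRIPPED),
    }
    for name, image in samples.items():
        r = pe_mitigations(image)
        print(f"{name:24} ASLR={'yes' if r['aslr'] else 'NO'} DEP={'yes' if r['nx_compat'] else 'NO'}")
```

Run it against the DLLs a browser actually loads (via `scan_modules`) and any module reporting `aslr: False` is a candidate for the kind of fixed-address loading the bypass relies on; the fix is to rebuild or replace that module with one linked with `/DYNAMICBASE`, or to keep it from being loaded at all.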
A heap spray is where you spray a large part of the heap memory with shell code and NOPs. That way, when you jump to any part of the heap, most of the heap has been sprayed with NOPs and your shell code, so there is a decent probability that you're jumping to a NOP followed by your shell code, and then your shell code executes. The whole point of having NOPs is that you often don't have precise control over where your exploit code takes over execution.

As long as your exploit lands somewhere inside this NOP sled, it will simply slide straight into your shell code.
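The two properties the paragraph describes, long sleds of single-byte NOPs and the same block copied over and over, are exactly what a memory scanner can look for. The heuristic below is an added example, not code from the original page: it reports the longest 0x90 run and how dominated a buffer is by one repeated block. The thresholds are assumptions to be tuned per environment, and the sample regions are constructed inline (the "payload" is a harmless text marker standing in for shell code).

```python
"""Heuristic scan of a memory buffer for heap-spray-like content.

Added example, not code from the original page. Sample buffers are constructed
inline; the thresholds are assumptions a scanner would tune for its own environment.
"""
import random
from collections import Counter

NOP = 0x90  # x86 single-byte NOP


def longest_nop_run(buf: bytes) -> int:
    """Length of the longest contiguous run of 0x90 bytes (the sled)."""
    best = run = 0
    for b in buf:
        run = run + 1 if b == NOP else 0
        if run > best:
            best = run
    return best


def repeated_block_ratio(buf: bytes, block_size: int = 4096) -> float:
    """Fraction of fixed-size blocks whose content equals the single most common block.

    A spray copies one block (sled + shell code) many times, so this approaches 1.0;
    ordinary heap data with mixed objects stays far below it.
    """
    blocks = [buf[i:i + block_size] for i in range(0, len(buf) - block_size + 1, block_size)]
    if not blocks:
        return 0.0
    most_common_count = Counter(blocks).most_common(1)[0][1]
    return most_common_count / len(blocks)


def looks_like_heap_spray(buf: bytes, *, min_sled: int = 256,
                          min_ratio: float = 0.8, block_size: int = 4096) -> bool:
    """Flag a region only when BOTH signals are present, so zero-filled or
    otherwise uniform-but-NOP-free memory is not reported."""
    return (longest_nop_run(buf) >= min_sled
            and repeated_block_ratio(buf, block_size) >= min_ratio)


def make_sprayed_region(copies: int, block_size: int = 4096) -> bytes:
    """Constructed sample: NOP sled followed by a harmless text marker, repeated."""
    marker = b"<<payload-stand-in>>"  # 20 bytes; stands in for shell code
    block = bytes([NOP]) * (block_size - len(marker)) + marker
    return block * copies


def make_benign_region(size: int, seed: int = 1) -> bytes:
    """Constructed sample: pseudo-random bytes resembling mixed heap objects."""
    rng = random.Random(seed)
    return bytes(rng.randrange(256) for _ in range(size))


if __name__ == "__main__":
    for name, region in [("sprayed", make_sprayed_region(64)),
                         ("benign", make_benign_region(64 * 4096)),
                         ("zeroed", bytes(64 * 4096))]:
        print(f"{name:8} sled={longest_nop_run(region):5d} "
              f"ratio={repeated_block_ratio(region):.2f} "
              f"flag={looks_like_heap_spray(region)}")
```

In practice a scanner would walk committed private heap regions of the browser process and apply this per region; real sprays also use multi-byte NOP-equivalent sleds and varying block sizes, so the single-byte check is a starting point, not a complete detector.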


The exploit code utilises a use-after-free vulnerability, a type of memory corruption flaw in which memory is accessed after it has been freed.

At this point control is passed over to the heap and the shell code can be run. The shell code can drop a malicious payload onto the computer.

The way this exploit reaches the user in the first place is that the attack has to be socially engineered onto the user. This can be via an email attachment, an install file, etc.