The exploit takes advantage of Origin's uniform resource identifier -- the protocol through which hyperlinks and shortcuts launch Origin itself and execute commands. Typically, a URI is clicked on by the user, either in the form of a link in a web browser or as a shortcut on a desktop, at which point the URI launches Origin and tells it what game to load, and how.
As it happens, certain Origin-exclusive games are vulnerable to having their execution commands subverted by precisely formatted URIs.
Under normal circumstances, the Origin website creates links which allow it to uninstall or launch games, along with other similar tasks. If a user clicks on a special Origin link created by an attacker, Origin will execute code that might be dangerous for your computer. The links start as "origin://," so it goes without saying that you should be wary of clicking anything like that if it's not coming from Origin itself.
Avoiding this exploit is thankfully simple, however: Open Origin first, and launch games from there. The exploitative instructions are contained within the URI hyperlink -- take that out of the equation, and you should be fine.
