Yep. You've got to hand it to Microsoft.

The holy grail of malware writers was to be able to get some malevolent code into an image. This was long considered impossible until a year ago when it was divulged that a Microsoft library routine flaw allowed a JPEG to be so poisoned. The list of programs using this code is huge.

Now they've done it again to the WMF format.

The official Microsoft advisory is on http://www.microsoft.com/technet/sec...ry/912840.mspx

Be aware that their Workaround (from the technet note above which I installed as soon as I heard of this) messes up Windows Explorer: Thumbnail View, and will also make it very hard to alter various Display Settings (like changing Backgrounds). Still it's better to install the workaround and endure these display problems than risk the malware that's out there already.

What I've done is to copy / paste the bit of info about Unregistering / Reregistering Shimgvw.dll into a textfile on my Desktop to remind me how to temporarily undo the protection workaround if I need to change some settings.