Source:
http://www.pcdoctor-guide.com/wordpress/?p=2043 The WMF exploit is another example of an irresponsible disclosure by people with an interest in security putting millions of PC users worldwide at risk from the vulnerability (I want to make it clear here that it is not Sunbelt who was irresponsible - I saw a number of irresponsible disclosures of proof of concept code on several websites and this code has formed the basis for many of the current exploits we are seeing).
This is being listed as a "zero day" exploit. A zero day exploit means the code to exploit the vulnerability is released the same day the vulnerability advisory itself is released.
For those who tend to visit sites which could be using the WMF exploit and don't want to wait for a patch here is a work around to protect yourself.
This only effects Windows XP(Home/PRO) and Windows 2000
Go to START and RUN and type in
regsvr32 /s /u shimgvw.dll and click OK. This will unregister the WMF image viewer. It shouldn't impact your Internet browsing much since not many sites use WMF graphics any way.
YOU WILL NEED to REBOOT