This is very important, this WMF hole is very very nasty. There's now an unofficial patch out. It should be use in conjunction with unregistering the DLL in question. It's all in the FAQ.
I don't normally post about the latest holes, but this is just so very very bad. People need to patch up ASAP. We have IM worms exploiting this, we have trusted sites getting hacked just to inject the exploit into visiting browsers... don't assume you've got it under control, make sure.
I don't normally post about the latest holes, but this is just so very very bad. People need to patch up ASAP. We have IM worms exploiting this, we have trusted sites getting hacked just to inject the exploit into visiting browsers... don't assume you've got it under control, make sure.