Looks like it’s not a good day to be Microsoft. Again.
Without directly raising the spectre of another CodeRed-intensity wormflood, The Washington Post is reporting an advisory from Symantec: an unpatched WMF vulnerability is exploited and...
The exploit code, first posted on security mailing list Bugtraq, states that the included Internet address can successfully exploit a fully patched Windows XP system with a freshly updated [Symantec] Norton Anti-Virus.
(bracketed amendment in original)
Now would be a good time to hide your MS-Windows workstations behind a proxy, and order it to block anything named .wmf, claiming to be a WMF image, or file(1)ing as a WMF, since it seduces any graphical web browser running in BillSpace.