Oh joy! Reports of a really bad exploit in WMF, which will affect fully patched Windows XP systems. Ed Bott sums it up nicely:
This is a zero-day exploit, the kind that give security researchers cold chills. It works by exploiting a weakness in the Windows engine that views graphics in the Windows Metafile (WMF) format. You can get infected by simply viewing an infected WMF image.
Fun stuff. Until there’s a patch, beware the metafile, my son! The jaws that bite, the claws that catch!
Update Saturday: Some computers are already protected from this, via Data Execution Prevention. Read about it (including how to check) here.