The Internet Storm Center has released a patch to protect against the WMF exploit reported last week.
I cannot comment to the veracity or effectiveness of the patch and caution everyone as to it's use without proper testing.
I have no word as to when we will release a patch, but would exercise significantly higher caution if viewing images from the web until your system is inoculated. We have issued a security bulletin and a workaround (Microsoft Security Advisory (912840).) to stave off the exploit in the meantime; at the least, unregister the vulnerable DLL as outlined in: “More information on the WMF Exploit: includes workaround”.