In an advisory posted yesterday, Microsoft said that "limited and targeted" attacks are in progress by hackers exploiting an unpatched vulnerability in the WordPad Text Converter, a tool included with all versions of Windows. The flawed converter handles Microsoft Word 97 files on Windows 2000 Service Pack 4 (SP4), XP SP2, Server 2003 SP1 and SP2.

Newer versions of Windows -- XP SP3, Vista and Server 2008 -- are not vulnerable to the bug, however.

So, evidently, if you have current updates [SP3], and/or do not open suspicious attachments... [*.wri?] should be fine.