I just read a report on Kaspersky's Viruslist blog (Viruslist blog) that earlier reports that unregistering and deleting the SHIMGVW.DLL will NOT protect you - they claim the vuln is in the GDI32.DLL.

Also, F-Secure (source) is reporting that a well known low-level Windows expert, Ilfak Guilfanov, has written and published a fix for free that wont break image functionality that hapens when unregistering the SHIMGVW.DLL. According to F-Secure it injects itself into all processes loading USER32.DLL. Ilfak wrote the program Interactive Dissassembler Pro BTW.

You can download it here: http://www.hexblog.com/2005/12/wmf_vuln.html

I'm installing it now to check it out...try it at your own risk as I cant give any validity at this point in time.

Let's just hope MS gets that patch own SOON as I worry about my friends, family, and coworkers opening all those holiday greeting card emails ....with WMF exploit code.