"I told you so"

I hate to be right sometimes. Just after posting about bad guys not taking a break, a new"Zero-day exploit" was discovered. Even fully patched Windows machines are vulnerable as this was a previously unknown vulnerability. Be wary about downloading or viewing files with the extension WMF as malicious WMF files provide an attacker full system privileges.
AVOID these websites as they are known to download malicious WMF files onto your PC.
Crackz [dot] ws
unionseek [dot] com
www.tfcco [dot] com
Iframeurl [dot] biz
beehappyy [dot] biz
toolbarbiz[dot]biz
toolbarsite[dot]biz
toolbartraff[dot]biz
toolbarurl[dot]biz
buytoolbar[dot]biz
buytraff[dot]biz
iframebiz[dot]biz
iframecash[dot]biz
iframesite[dot]biz
iframetraff[dot]biz
iframeurl[dot]biz
Latest update: I found a work-around solution to temporarily minimise the risk of getting compromised*.

To un-register Shimgvw.dll, follow these steps:

1.	Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK.
2.	A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.

Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer.

To undo this change, re-register Shimgvw.dll by following the above steps. Replace the text in Step 1 with “regsvr32 %windir%\system32\shimgvw.dll” (without the quotation marks).

* Please contact your resident security professional for assistance if required.