Ed Bott posted this temporary remedy to make sure your system cannot be compromised by the recently announced Windows vulnerability Cameron posted about earlier. This is a temporary fix, and Ed's instructions include a means to undo the fix once Microsoft comes up with a more permanent solution.
Applying this remedy will disable your ability to view thumbnails in Windows Explorer windows and in open and save file dialogs, and will disable the Preview command on the context (right-click) menu. Yes, that's a hassle. It's worth it. The exploits now circulating in the wild can create a wide-open back door into your system, allowing an intruder to do just about anything they desire.
Here's Ed's remedy:
One way to prevent this exploit from working is to disable the Windows Picture and Fax Viewer component. To do so, click Start, Run. In the Open box, type the following command:
regsvr32 /u shimgvw.dll
Press Enter to make the change.
This measure isn’t without side effects. Disabling this component eliminates the capability to view thumbnails of all image types (not just WMF files) in Windows Explorer folders, and it zaps the Preview command for images as well. You can work around these limitations by using a graphics viewing/editing program.
To re-enable the Windows Picture and Fax Viewer, issue this command:
regsvr32 shimgvw.dll
Another route, which preserves the ability to view thumbnails in Windows Explorer while disabling the attack vector, is to edit the Registry. All the usual caveats apply about backing up the Registry, understanding that you can wreak all manner of havoc on your system if you do the wrong thing, etc. Fortunately, Jerome Athias has posted links on the Full Disclosure security mailing list to two prebuilt registry files that will disable and enable the appropriate key for you. Simply download both files and store them where you can easily find them. Double-click the Disable file to protect yourself and run the Enable file at a later date when the underlying flaw has been fixed by Microsoft.
eWEEK reports that a number of antivirus programs have already been updated to protect against the malformed WMF files that create this vulnerability.
UPDATE: ZDNet's George Ou reports that extensive testing has proven that the only safe route is using the command line to disable the Windows Picture and Fax Viewer component. He says that repeated tests using the prebuilt registry keys posted by Mr. Athias do not protect your PC from this attack and that his test bed was "flooded" with spyware and other malicious code within seconds when he relied on the Athias patch files.








1. Just wanted to thank you for doing a good job and making the instructions EASY to follow.
I am glad I found this site and all of the information.
Thanks again, and God bless.
Posted at 12:16PM on Dec 29th 2005 by Maisie Mc Fadden