Microsoft has completed development of a security update to fix the vulnerability and is now testing it for quality and application compatibility, with a goal of releasing the fix worldwide on Jan. 10. For more details, see the following link.

http://www.microsoft.com/presspass/press/2006/jan06/01-03WMFUpdatePR.mspx

It's here now, January 5th. Get it.

Microsoft Security Bulletin MS06-001
Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)
Published: January 5, 2006

http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

Note: If you have Automatic Updates enabled, it will install automatically:

http://h1.ripway.com/SpywareDr/VirtualDr/images/kb912919.gif