The anti-virus folk have been working overtime this holiday chasing down the spread of the WMF exploit. Basically there's a vulnerability on Windows that is currently unpatched and affects viewing, accessing or indexing infected images. Full details are over on the F-Secure Blog. I recommend you read the first half dozen or so entries.
What's interesting here is that F-Secure are recommending an emergency unofficial patch. I've installed it here in the absence of anything else.
The patch is available at the IDA Pro Hex Blog. It takes a second to install (and can be uninstalled when an official patch is available). This is simpler than the previously published workarounds.
Edit: 5th January 2005. Microsoft have began distributing the official patch via Windows Update. More details on F-Secure.