Ilfak Guilfanov has released a patch for the Windows metafile exploit that was reported last week. Technically the patch works by intercepting the calls to the user32.dll that causes the exploit to work. More information can be found at the beforementioned link.
While the patch isn’t released by Microsoft and since I have no prior knowledge of Ilfak Guilfanov I have chosen to install the patch anyway since it has been vouched for by Steve Gibson (of the Security Now! podcast) who I trust. Steves comments to the patch can be found at his website.
Please note: I had to reregister the DLL (“regsvr32 shimgvw.dll”) that I had previously unregistered to avoid the exploit before installing the patch.
