By now you should have heard about the wmf exploits for Windows.
First seen by me December 23th on an obscure pr0n site.
Saved it, examined it (on a GNU/Linux machine), I couldn't figure out what it was supposed to do untill the vulnerability in Windows was made public December 28 by Microsoft.

But Microsoft finaly updated it and put it on the frontpage yesterday.
Customers who follow safe browsing best practices are not likely to be compromised by any exploitation of the WMF vulnerability. Users should take care not to visit unfamiliar or un-trusted Web sites that could potentially host the malicious code.
A patch they promis will be released January 10.
 
Ah.. So it's our own fault for surfing to 'unsafe' sites if we get infected in the mean time..
Whatever happened to Where do you want to go today?
Or the new slogan Start something new
I do like: Get more from your home PC than ever before.
So true..

I'm still laughing about the 10 reasons to install SP2..
1. Help protect your PC from harmful attachments.
2. Improve your privacy when you're on the Web.
3. Avoid potentially unsafe downloads.
6. Take control of your security settings.
9. Take action against crashes caused by browser add-ons.
.. to reduce the potential for crashes and enjoy a more trouble-free browsing experience.

» Read More