As previously published here, this is a quick-and-dirty method to get yourself in a relatively safe position:
1) Click Start, click Run, type “regsvr32 -u %windir%\system32\shimgvw.dll” (without the quotation marks), and then click OK.
2) Restart the machine.
[Update] Note that this workaround still does not remove the vulnerability and will not block “modified” attacks.
Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer.
To undo this change, re-register Shimgvw.dll by following the above steps. Replace the text in Step 1 with “regsvr32 %windir%\system32\shimgvw.dll” (without the quotation marks).
MSRC is fully aware of this situation and is working on a patch to be released in the coming days. In the meantime, make sure that your Windows OS is configured to receive automatic updates and that you have an antivirus program installed.
[Second update – Jan 5] The fix is now available here: http://www.microsoft.com/athome/security/update/bulletins/200601_WMF.mspx