I apologize if this information has already been posted; I haven=92t been able to read all the posts today. Many of the exploit descriptions that I=92ve seen reference .WMF files. Like prior GDI exploits, this isn=92t strictly true. If the exploit file is named with another graphics extension (i.e. .gif, .jpg, .png, .tif), the GDI library will still read it correctly as a WMF file and execute the exploit. As a result, all common graphics files can carry the exploit.