A new set of spam carries an exploit for the WMF vulnerability, right in the spam itself. Simply viewing the message in the preview pane will exploit a system (if you’re not patched or don’t have adequate AV protection).


The picture on the left is a normal image. That “picture” on the right (with the red x) is a fake WMF image which triggers the exploit. The source of the spam (with malware links) is here.

Alex Eckelberry