I recommend applying his hotfix. At this point, it is the only broadly effective deterrent to the WMF exploit.
As Tom Liston at SANs says:
To the best of my knowledge, over the past 5 years, this rag-tag group of volunteers hasn’t asked for your trust: we’ve earned it. Now we’re going to expend some of that hard-earned trust:
This is a bad situation that will only get worse. The very best response that our collective wisdom can create is contained in this advice – unregister shimgvw.dll and use the unofficial patch. You need to trust us
However, it does not support Windows 98 and ME. For that, I would unregister shimgvw.dll (still not a perfect fix) as explained here and keep your AV signatures updated. You can apply all my other ideas optionally, but those two things are the core things to do.