kaled - 5:33 pm on Dec 16, 2008 (gmt 0)

If the mechanism of this attack involves a carefully crafted image file, then presumably, enabling hardware data execution prevention should stop it dead. However, since MS does not appear to be pushing this solution, it may not work in this case. Nevertheless, I would still recommend taking this action (but exceptions may be required for older software).

Kaled.