Very interesting interview with Leo Laporte and a developer, Steve Gibson, about his analysis of the recent Windows WMF exploit. He believes Microsoft left this "backdoor" in the Windows operating system intentionally, possibly to allow them to always have a method to force a file onto users' PCs (such as in an update) even if they have ActiveX and other features in IE turned off. Or was this done behind Microsoft's back by a malevolent employee? Read the interview and judge for yourself.
After you're done, download his tool, called "MouseTrap", to detect if your PC is still vulnerable to the Metafile exploit. Of course, if you regularly update your operating system, you're hopefully safe. If you just want the brief summary on this issue, scroll down to the Facts vs Spin section of the download page.