The game is on...

I just got notice that the JPEG/GDI+ exploit that I talked about a few posts back has appeared on Usenet, more specifically on some adult newsgroups such as alt.binaries.multimedia.erotica.transsexuals, a*.b*.pictures.erotica.transexual, a*.b*.p*.e*.transexual.action, a*.b*.p*.e*.transsexual, a.b.erotica.beanie-babies, a*.b*.e*.breasts, a*.b*.e*.christy-canyon, a*.b*.e*.fetish, a*.b*.e*.original.sin and alt.binaries.erotica.pornstar.

There is no reason to believe that attempts to use the exploit will remain limited to these newsgroups. Apart from that, the exploited JPEG file can (and probably will) be renamed to, for instance, .bmp or .gif without affecting its usability. In other words, when you receive or download an exploited JPG that has been renamed to .bmp, Windows (and the vulnerable GDI+ DLL) will still treat the file as a JPG, with potentially devastating results.

Please make sure your virus scanner is up to date and includes images in its scans, install SP2 if you're running Windows XP and haven't done so yet, and patch all Office programs through Office Update. Putting Outlook and Outlook Express in plain text mode won't hurt either, as it'll prevent (infected?) images from being loaded from the internet without your intervention.
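Because the file is handled by its content rather than its name, a check on incoming images has to look at the bytes too. The sketch below is an added example, not part of the original post: it flags files that start with the JPEG signature but carry another extension and, going a step beyond the text, files whose segment length fields are structurally invalid. The function names, finding labels and sample bytes are assumptions constructed for illustration.

```python
import struct
from pathlib import Path

JPEG_EXTS = {".jpg", ".jpeg", ".jpe", ".jfif"}
# Markers without a length field: TEM, RST0-RST7, SOI, EOI
STANDALONE = {0x01, 0xD8, 0xD9} | set(range(0xD0, 0xD8))

def is_jpeg(data):
    """JPEG content starts with SOI (FF D8) followed by another marker."""
    return data[:3] == b"\xff\xd8\xff"

def bad_segment(data):
    """Return (marker, offset) of the first segment whose length field is
    below 2 or runs past the end of the file, else None."""
    pos = 2                                   # skip SOI
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            return None                       # not at a marker; stop walking
        marker = data[pos + 1]
        if marker == 0xFF:                    # fill byte before a marker
            pos += 1
            continue
        if marker in STANDALONE:
            pos += 2
            continue
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        # The length field counts its own two bytes, so < 2 is never valid.
        if length < 2 or pos + 2 + length > len(data):
            return (marker, pos)
        if marker == 0xDA:                    # SOS: compressed data follows
            return None
        pos += 2 + length
    return None

def inspect(name, data):
    """Return a list of findings for one file, judged by content first."""
    findings = []
    if not is_jpeg(data):
        return findings
    if Path(name).suffix.lower() not in JPEG_EXTS:
        findings.append("jpeg-content-with-other-extension")
    if bad_segment(data) is not None:
        findings.append("malformed-segment-length")
    return findings

# Constructed samples: a minimal well-formed header, a header with an
# invalid length field, and a non-JPEG file.
GOOD = (b"\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
        b"\xff\xfe\x00\x04hi\xff\xd9")
BAD = b"\xff\xd8\xff\xe1\x00\x01" + b"\x00" * 8
BMP = b"BM" + b"\x00" * 12
```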

More info on the current events can be found here: JPEG/GDI+ Exploit appears on Easynews (plain text file).

Posted by ServMe at September 28, 2004 2:49 AM | Security Alert |