A temporary, unofficial patch for the WMF exploit is available for Windows 2000/XP/x64 users to install to rid themselves of the risk of being rooted by one of what seems to be a plague of nasties rattling around the world wide web.
SANS have a vetted version of the hotfix which was initially written by Ilfak Guilfanov. In Ilfak's blog it explains that the temporary fix kills off an a escape sequence which, while plugging the hole, could be used by some programs. Regular thumbnail viewing and windows image printing still work, however, so it should be OK for most to use... just look out for any programs suddenly losing functionality or behaving oddly after the installation of this.
A lot of sysadmins are very unhappy with Microsoft failing to break out of their patching schedule and release a fix for this exploit as soon as possible. It is a very serious vulnerability and it's pretty much impossible to stop at corporate firewalls and routers, so individual machines need to be patched. It would have been great for sysadmins to have had something to roll out before everybody returns to work after the holiday, but unless they opt for the 3rd party hotfix, that's not going to happen.
Of course, Microsoft's patch won't be able to take the same approach as the 3rd party fix, as they cannot run the risk of breaking software and need to thoroughly test it, but have they been working through the holidays, like some sysadmins have, to try to ease the chaos?
Ilfak Guilfanov's site, Hex blog also has an exploit checker to see if you've successfully remedied the problem - although be warned that it might not be a thorough check.
I'm sitting with the new patch installed, but I'll feel much happier when I can uninstall this one and apply Microsoft's hotfix.
