That is an incorrect conclusion.
Can you expand please Vlk.
Of course. What I meant is: if an AV's goal is to protect you from security threats, it is an incorrent conclusion (that avast FAILS). If the goal is to detect proof-of-concept stuff (completely benign!), then yes, avast FAILS.
In other words, show me one single malicious wmf file that avast does not detect.
That said, we will be releasing a generic solution to the problem in the tomorrow's (well today's if you're based in continental Europe) VPS update that should get rid of the problem for good.
On a side note, Dwarden is right that this is an issue in all versions of Windows, from 3.0 to the latest Vista beta. The funny thing is that it's not a buffer overrun problem (that is, a coding bug) - instead, it's a _feature_ of WMF files. That is, the WMF file format definition allows inclusion of code (that is called when printing fails - it's an error handler). This means that
1. the definition of the WMF file itself is flawed, not the implementation, and
2. other programs that can work with wmf files and adhere to the definition are theoretically vulnerable as well - and indeed, this is the case with e.g. IrfanView or XNView.
Cheers
Vlk