As far as I know this .WMF exploit can be renamed to any other extensions (such as BMP, GIF, PNG, JPG, JPEG, JPE, JFIF, DIB, RLE, EMF, TIF, TIFF or ICO) and it still works so you have to make sure that Web Shield scans *every* graphic file extensions by removing the following from the exception lists
image/gif
image/png
According to Andreas Marx of AV-Test, avast! offers 100% detection for this exploit.
It's in german:
http://www.heise.de/newsticker/meldung/67848Babel Fish Translation can help you get it in english.
http://babelfish.altavista.com/.................................................................................
Andreas's Marx von AV AV-Test a short test with 73 different copies durchgef?t, which are common in the InterNet already.
The virus scanners of Avast!, BitDefender, ClamAV, f-Secure, Fortinet, McAfee, Nod32, Panda, Sophos, Symantec, trend Micro and VirusBuster recognized thereby all 73 as safety risk and k?ten
thus an infection prevent eTrust (VET), QuickHeal, AntiVir, Dr. Web, Kaspersky and AVG nevertheless already scarcely 80% identified.
With less than 20 recognized copies the recognition achievement of COMMANDS, f-Prot, Ewido, eSafe, Ikarus and VBA32 is at present still unsatisfactory. Standard to virus scanner malfunctioned not one file in this test v?ig and criticises.