JPG-GDI Vuln- Your Time is Up

There are now exploits out there that will exploit the jpg vulnerability to open a remote command prompt or create a local administrator account. While I dont see how this could turn into a worm like sasser or blaster, it could easily be used to spread spyware, and to develop a bot network. Its like mydoom. It could leave a port open that is later harvested by another worm.
Its a good time to be running a firewall, and to be careful of what links are followed. Head over to windows update, and then office update. After that run the GDI Scan Tool available over at SANS.