Data execution prevention (DEP) is a set of hardware and software technologies that perform additional checks on memory to help protect against malicious code exploits. In Windows XP SP2, DEP is enforced by both hardware and software.
SunbeltBLOG probably has the most updated information. Another attack vector was discovered today as well. This time it's from rotational ads meaning a user can be infected by going to any site displaying the rotational ads from Exfol/WebExt. McAfee has a good description of Exfol's adware. Info here on WebExt. Sunbelt has a video of the exploit as well.
Oh, and let's not forget the most important method of prevention. Go out and buy a Mac, or ditch Windows and start running Linux. TODAY!!! Never mind that you won't be able to run most of your current applications, or that it will cost you a considerable amount of money and time to make the switch, and the fact there's a steep learning curve for learning Linux. According to a lot of folks posting in the talkbacks here, it's a piece of cake and the *only* real solution to the spyware problem.
Update: Lotus Notes has been found to be vulnerable to this exploit. Posted at SANS.
John Herron at NIST.org discovered today that Lotus Notes versions 6.x and higher is vulnerable to the WMF 0-day exploit. In the advisory, located on the NIST website here, John reports that Lotus Notes remained vulnerable even after running the regsvr32 workaround in the Microsoft security advisory.
Folks, unregistering the SHIMGVW.DLL is not a foolproof solution.