Three new vulnerabilities in Windows metafiles were made known this week. The vulnerabilities can be used to cause Denial of Service (DoS) attacks, and exploits using the new vulnerabilities have already been made public. However, at this time, it does no't appear that the vulnerabilities can be used to execute code.
Microsoft is aware of the problems. The company said they "had previously identified these issues as part of our ongoing code maintenance and \[we\] are evaluating them for inclusion in the next service pack for the affected products."