Read Tom Liston's diary entry from SANS Internet Storm Center.
To the best of my knowledge, over the past 5 years, this rag-tag group of volunteers hasn't asked for your trust: we've earned it. Now we're going to expend some of that hard-earned trust:
This is a bad situation that will only get worse. The very best response that our collective wisdom can create is contained in this advice - unregister shimgvw.dll and use the unofficial patch. You need to trust us.