Those of you using Microsoft Windows 2000 or XP will want to follow this story: Steve Gibson has examined WMF and he now believes it was deliberately coded. It looks to him that Microsoft put a backdoor into Windows, which can be triggered even if Active X is turned off and security is at high. It could be a renegade coder, he says, but it's not, in his view, bad design or a mistake.
I can't evaluate what he says, but if it's true it is so serious to your privacy and security, I would feel irresponsible not to point you to his podcast, so you can evaluate for yourself. So the podcast is here. Also, there are a number of Sony lawsuits going on, and some are considering settling. They also might like to know about this issue.
He is still testing, so this is a preliminary finding. It's possible that in a week he'll have more answers or a different explanation. Microsoft has yet to speak. Gibson is not an Open Source advocate, but he says he's gravitating toward it now.
Warning: you have to get through some graceless conversation about whether to use hacker or cracker, but that's just the first couple of minutes.
UPDATE: An explanation from the Microsoft Security Response Center Blog.