The fix is known to work on Windows 2000, XP (SP1 and SP2), XP64, Windows 2003. It does not work on Windows 98, ME, NT. The impact of the vulneratility for unsupported systems is small and they are not as vulnerable as 2000 and XP.
Just run wnffix_hexblog14.exe. If the fix happens to be incompatible with your system, it will inform you about it and quit. After the successful installation, reboot and use the vulnerability checker to ensure that the fix is active.
You can run the installer in the silent mode:
wmffix_hexblog14.exe /VERYSILENT /SUPPRESSMSGBOXESThere will be no dialog boxes on the screen and the installtion will be completely automatic.
The hotfix will be listed in the Add/Remove programs window and you can uninstall it from there.
Use the checker to verify that the hotfix works. If should report that your system is invulnerable. In it reports that your system is still vulnerable, check the HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs registry key. It should contain a reference to c:\windows\system32\wmfhotfix.dll. There are some programs known to clean up this registry key. The fix will not work in this case. You should find and disable the program which cleans the registry key or uninstall the hotfix.
The hotfix disables a vulnerable function in GDI32.DLL. It does not disable any other functionality: you will still be able to use the Fax & Puctire viewer and other programs. It does not alter any file on your computer, the modifications are done in the memory and will disappear as soon as the hotfix is unistalled and the computer is rebooted.
The hotfix should be uninstalled from the computer after applying the official patch from Microsoft.