[Richy Rich]

TotalSquare, this is a Steve Gibson site. But you don't have to “buy” anything here. If you don't trust the “patch” you can manually disable Windows Metafile- then restore it once Microsoft figures out the solution here.

If you search Google you can find chatter about this exploit. But no mention of it at Windows update. Hmmm

Minnow, I think the “non secured” refers to unsecured web pages that are sent over the internet. These pages can be intercepted by a “third party” and read. No big deal. Vast majority of data sent over the internet are unencrypted.