Our Google quality guidelines include specific behaviors that can result in penalties or removal from our index, but the guidelines also include this message:
These quality guidelines cover the most common forms of deceptive or manipulative behavior, but Google may respond negatively to other misleading practices not listed here…
In case anyone has doubts, pages which exploit browser security holes to install software (esp. malware/spyware/adware/scumware/viruses/worms/trojans) are outside our quality guidelines. Pages that use security holes to install software may be removed from Google’s index.
The Sunbelt BLOG mentions a new exploit of the Windows WMF graphics rendering engine that applies to Windows versions from 98 to XP. This is a pretty nasty exploit, esp. if you surf around scuzzy neighborhoods of the net (I sometimes have to for my job, for example). One thing you can do is to disable the DLL that is exploited. You’ll lose some thumbnail previews and such, but if you want to be safe until a patch is available, click Start->Run and then type “regsvr32 /u shimgvw.dll” to disable the vulnerable DLL.
Update: Note that if you disable this DLL, you’ll lose the ability to preview images with a double click. What to do about that? I’d install the excellent Paint.net program from Washington State University. Then follow this support page from MSFT on how to change your file associations to use Paint.net to open your images. You’ll have to do it once for each filetype (.jpg, .gif, .png) that you want to view.