Microsoft has apparently released the official patch for this exploit. Whether it truly fixes the problem is something I don't know, and if you're still running a version that they no longer officially support, you're probably screwed. Still, I figure it's worth mentioning.

Does it affect you if you use another browser?
Can an antivirus like Symantec Client Security keep you safe from it?

Tab:  Bad boy!  Bad!  No cookie for you!

Tots:  It's a flaw in the graphics rendering engine portion of Windows, specifically GDI32.dll.  It's a problem with the way it handles WMF metafile images, regardless of what the files are named.  Windows has this habit of just passing things off to the default handler instead of checking to see "oh wait, you're different from what you're supposed to be so I should alert the user".  It's the difference between pass by default and fail by default when an anomalous condition arises.  Fail by default is safe, but user-intensive.  Pass by default is dangerous, but requires no user intervention.  Guess which route Microsoft usually takes?  Guess why their OS gets hacked every other week?

It's true that Mozilla and Opera usually prompt you as to "what to do with a file" instead of just opening it, but that depends on your settings.  Also, if you do accidentally open the file, you're screwed since (guess what) it's getting passed off to Windows.  Then there's third-party utility programs like Google Desktop to worry about, browser toolbars, etc....  Let's not even bring up spyware infections that circumvent everything.  That's the problem with OS-level vulnerabilities.  Sure, the frontend browser itself might be safe, but something else might act stupid and dump it back to the OS.

The only safe thing to do is patch Windows.  Go run Windows Update if you haven't already.