Microsoft say they are nothing more than Denial of Service flaws causing the rendering application to crash. Bugtraq reports fears that modification to the proof of concept code could result in an exploit capable of gaining system level privileges if an administrator views the (specially crafted) malicious file.

http://www.securityfocus.com/bid/16167/discuss
Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities
[UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities

The solution given by the discoverer of this issue is as follows...