It's possible that the WMFs will end up in Firefox's cache regardless. In that case, indexing programs (like Google Desktop) will open the file to get metadata from it, and trigger it.

The bug is not actually in Shimgvw.dll, but unregistering that will stop the automatic rendering of WMFs in most cases. The actual bug is in the design of the WMF format. There's a GDI function that's intended to be called only by an interactive program to provide an abort to a print operation. This can be included in a metafile, and will induce Windows to call code embeded in the metafile. Disabling this will require a fix to GDI32.DLL.