by NIST.org

Lotus Notes uses the same vulnerable shimgvw.dll graphics 
rendering engine file implicated in the Microsoft Security 
Advisory (912840) to view image file attachments. Because of 
this all Lotus Notes users are vulnerable to the WMF zero-day 
exploit. At this point there is little that be done but block 
all incoming images at the perimeter.

Someone (or an email worm) simply needs to email a person a 
message with a graphics file attachment. It doesn't matter 
if the person Views or Opens (Runs) the attachment the 
shimgvw.dll will be used to render the image and the malicious 
file can compromise the computer.