Do so, and if you're logged into Facebook, the link and picture will be added to your wall. Anyone who is looking at your wall and clicks the link will also be afflicted and so on.
Currently, there is no evidence of any nastiness attached to the worm, but of course that may change at any time.
According to AVG's Emerging Threats Researcher, Nick FitzGerald, "This worm uses what is technically known as a CSRF (Cross-site Request Forgery, also called XSRF) attack. A sequence of iframes on the exploit page call a sequence of other pages and scripts, eventually resulting in a form submission to Facebook "as if" the victim had submitted a URL for a wall post and clicked on the "Share" button to confirm the post."
Currently iTWire is advised that Facebook is working on the problem and in the mean-time users of AVG's Linkscanner product (available for free) are fully protected from this issue.