Microsoft released an update to that fixes a vulnerability in current and future versions of Windows. The vulnerability can be remotely exploited by malware.
Microsoft advises every Windows user / Administrator to update their machines, every currently supported Windows version is affected, so: Windows 2000, Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008 & Windows Server 2008 Core Installation.
An interesting note I found out is that this vulnerability also affects the Windows 7 Pre-Beta build Microsoft is expected to hand out to PDC 2008 Attendees next week.
Quote: This vulnerability was reported after the release of Windows 7 Pre-Beta. Customers running Windows 7 Pre-Beta are encouraged to download and apply the update to their systems. On Windows 7 Pre-Beta systems, the vulnerable code path is only accessible to authenticated users. This vulnerability is not liable to be triggered if the attacker is not authenticated, and therefore would be rated Important.
So get patching!
More information: Microsoft Security Bulletin Advance Notification for October 2008