Microsoft has a released a Critical Security update for Windows XP, Windows 2000, and Windows Server 2003 (for Windows Vista and Server 2008, it's rated Important). Microsoft is advising Windows users to apply the update immediately.
The vulnerability can allow a malicious remote user to gain access to your computer. You can read more about the vulnerability at the Microsoft Security Bulletin Page.
Visit Windows Update to install the update as soon as possible.