In October 2008, Microsoft issued a Security Bulletin and a Patch for Windows as MS08-067 describes.
Windows 2000 SP4, Windows XP and Windows Server 2003 fixes carry a Critical rating, whilst for Windows Vista and Windows Server 2008, an Important rating.
In November 2008, a worm known as Conficker or Downadup was discovered that exploits this vulnerability. Machines that have not been patched could be susceptible to being infected, and Conficker.D is expected to become effective 1 April 2009
Have you patched your systems? If not, do it now. The fix has been publically available for 6 months already!