Bulletin MS08-067 has been released along with its fix, and it’s a doozy.  By releasing it outside of a “patch Tuesday” it is apparent that Microsoft wants to see this fixed as soon as possible.  It affects every version of Windows from 2000 on through the latest beta of Windows 7.

This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability over RPC without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. If successfully exploited, an attacker could then install programs or view, change, or delete data; or create new accounts with full user rights.

Get yourself over to Windows Update and patch it up as soon as possible. Or download the standalone update from knowledgebase article 958644.