The vulnerability announced today in MS06-040 can be remotely exploited to take complete control of a Windows system. Unlike many of Microsoft's other vulnerabilities that are labeled "critical", this one truly is. To make matters worse, according to CERT, they know of working exploit code for this vulnerability.
My understanding is that the campus firewall still blocks TCP 139 and 445, so that gives us some limited protection.
See for the report from CERT.

Chris Wolf
Computer Service Manager
Agricultural Economics        [log in to unmask]
Michigan State University     517 353-5017