There is a good overview of the new Microsoft vulnerability at the Internet Storm Center. You really need to go to windows update site and update your system as far as possible - and do this immediately!

Within a week or so there very likely will be a new internet worm that will hit the net like Slammer did - and this time it will be able to affect ALL unpatched windows machines, not just those with SQL applications installed!

So - load Internet Explorer, click Tools, then Windows Update. Install all of the Critical patches - it might take several tries and reboots to get all of them, keep going back and checking until you get a clean bill of health - that is, no Critical patches remain to be applied. The Suggested patches are optional, but look through the list and apply the security ones as needed. You can safely ignore the .NET, Media Player, and Direct X installs if you want to.