Microsoft released a Security Bulletin Advance Notification pertaining to an update coming this Tuesday, January 12, 2010. The update will patch a critical security hole in Windows XP/Vista/7 and Windows Server 2000/2003/2008 that could result in a hacker taking remote control of your system. The patch is rated "critical" for Windows Server 2000, but "low" for the other affected operating systems. You should receive a prompt when the patch is available, but if you don't, make sure you go to Microsoft's site to download it manually.
You can sign up to receive monthly email alerts on security notifications here on Microsoft's site. A Windows Live account is required.