You might notice that I blog quite often about security here, even though I'm on the management team. The reason is that over the years as a DBA I've seen so many shops that don't take care of the basics, so I think you just can't talk about it enough.
Microsoft just released a new security bulletin that addresses four security vulnerabilities involving SQL Server 7.0, SQL Server 2000 and SQL Server 2005 including MSDE, WMSDE and WYukon. Get it, read it, understand it - here's the link to the bulletin:
As always, put this on your testing server and test, test, test.