Cheers Bink for the heads up that Microsoft has notified him that they will release an emergency security patch later today.
Thursday October 23rd, 17:00 GMT (That is 19:00 for GMT+1).
All Microsoft has said so far is that the vulnerability can be remotely exploited by malware.
Microsoft advises every Windows user / Administrator to update their machines, every currently supported Windows version is affected, so: Windows 2000, Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008 & Windows Server 2008 Core Installation.
Bink goes on to say "I'm not sure if all editions are affected, but it does look like it, so also Windows Embedded, Windows CE, Hyper-V Server? To my knowledge this is only the second time that Microsoft has released an out of band security patch."