If you’ve never used the Microsoft Baseline Security Analyzer, this might be a good time to give it a try. Version 1.2.1 is now available for download here. The documentation is intimidating (and the accompanying FAQ is only a little less so), but the application itself is pretty straightforward. It scans every version of Windows 2000, Windows XP, and Windows 2003 (sorry, not Windows 9X/Me), and also looks for security problems in Microsoft client and server programs, including Windows Media Player, Internet Explorer, Exchange Server, and IIS. You can also scan multiple computers over a network. It does a much more thorough job than Windows Update: instead of just looking for patches, it also examines your system configuration for common security weaknesses, such as easy-to-crack passwords or too many file shares.
Highly recommended for anyone who is serious about Windows security.

This was a nice tip, Ed. Thanks. It was exactly like you said – a little dense on the documentation, but relatively intuitive to figure out, and easy to run. Plus, although I’m very careful and checked out (mostly) fine, it did identify a few unexpected holes that needed plugging.
(Although, I keep getting a flag that I have unnecessary services running – specifically Telnet – and the solution prescribed is the setting it’s already on: Stopped and Startup Disabled. I don’t know what that’s about.)
But that’s a small thing, and it’s a fine tool.