Microsoft has a 311-page PDF-formatted download called Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP (registration and Passport account required).
This is seriously geeky stuff. It’s overkill if all you have is one computer at home, but valuable if you are in charge of a business network.
Ed Bott 
Why require registration for this? That’ll scare off a lot of people who think they’ll have to go through a 5 minute Form 1040-like survey…