In its security bulletin summary for January 2008 Microsoft has published one update for a new critical vulnerability in its operating systems / applications as well as one important.

Critical is Microsoft’s highest vulnerability rating.

A summary describing briefly the vulnerabilities is available from Microsoft’s Security Bulletin Summary for January 2008.
From this page you will also find links to more detailed information in Microsoft's Security Bulletins MS08-001 - MS08-002.

The critical update addresses the following issue:

• Two privately reported vulnerabilities in Windows TCP/IP.

Updates that fixes the vulnerabilities are available from Windows automatic update mechanism for systems that support this. Alternatively, one may download updates from http://windowsupdate.microsoft.com.  

Norman advices all affected users to download the security updates as soon as possible, to be protected from potential exploits.