A high critical vulnerability was announced today by Microsoft that affect libraries which are used to process ASN.1 encoded data. ASN.1 is the standard which defines how data in digital certificates is encoded.
Every application that makes use of MSASN1.DLL or CRYPT32.DLL (for digital certificates handling) is considered to be vulnerable. Some of it includes:
Customers must take an immediate action to patch their systems, specially those that are directly connected to a public network (like MS IIS for instance). The Microsoft's Security Bulletin (MS04-007) is available here.