This month's Microsoft Security Bulletins (rss) have been released. I suggest applying the patches reasonably quickly. Of seven bulletins, one applies only to IIS 4.0 on NT 4.0 (to which I must ask why have you not upgraded??), one applies to the POSIX subsystem on NT 4.0 and 2000 (not included in XP and 2003), and one to the Utility Manager in Windows 2000.
I'm hoping that the dead silence in the bulletins regarding XP SP2, and Windows Update v5 not showing anything, means that these issues are already fixed in SP2. It looks like all the binaries on my machine have later build dates and build numbers.