A bug in the way that Microsoft's Windows Media Player 6.4 handles .ASF (Active Streaming Format) files can allow attackers, given the right conditions, to execute any code on target systems.
More information about the bug, as well as the patch to fix it, can be found at http://www.microsoft.com/technet/security/bulletin/MS01-056.asp.