Today Microsoft released a security update for a vulnerability with ASP.NET. If you are using CRM via CRM Online this has already been patched for you. If you are running CRM on-premise you need to take action.
The security advisory can be found here. The urgency around this is related to details being released at a security conference yesterday.