Microsoft has released a security bulletin and patch that addresses a security issue that would allow a remote user to access file shares without knowing the complete password.
Windows 9x and Windows ME both allow users to set share level passwords. By using a special utility, a malicious user could bypass the password and access the shares. This does not affect user level password controls.
Microsoft has released a security bulletin, MS00-0072. A patch for Windows 98 is available at; http://download.microsoft.com/download/win98SE/Update/11958/W98/EN-US/273991USA8.EXE
A patch for Windows ME is available at; http://download.microsoft.com/download/winme/Update/11958/WinMe/EN-US/273991USAM.EXE
At this time a patch for Windows 95 is not available.