That is the message being circulated after a clever fellow in New Zealand found a simple way to use the firewire architecture in Windows XP to bypass password controls.
To use the tool, hackers must connect a Linux-based computer to a Firewire port on the target machine. The machine is then tricked into allowing the attacking computer to have read and write access to its memory.
With full access to the memory, the tool can then modify Windows’ password protection code, which is stored there, and render it ineffective.
The utility for linux was made available today. No need to use firewire means no need to leave it enabled.