I got a chuckle out of how Windows 2000 reacts to the exploit. According to one consultant, "It seems that at least in Windows 2000, Microsoft attempted to do the right thing. The user browsing the malicious folder is asked whether they wish to execute the script within the Folder.htt file, but regardless of the answer the script is executed." Well, their heart was in the right place.
The bug doesn't seem to be as widespread as the person who discovered it suggests, but it still offers someone the opportunity to run code bad enough to "take over a computer" (though the article doesn't really go into what exactly that phrase means in the context of the bug).
Apparently firewalls will stop the thing, so this mainly seems like one for the home user to be concerned about. The article also isn't too clear on exactly how the malicious code could get stuck into a local folder in the first place; I assume another security vulnerability would have to be exploited to put it there.