A few of my friends were able to load my shares in a browser and download them.This penetrated an up to date firewall (ZoneAlarm Pro) set to high security (and solidly,stealthed ports).The Morpheus application gives no indication of the upstream activity.This looked to be rather a big deal, so I tested it out. What I can tell you is that this doesn't work under NT 4, and I would assume Windows 2000. That's all I have on any of the machines I was able to set up Morpheus on. However, armed with a fistful of random IPs of Morpheus users, I was able to connect to several computers using just a web browser. My guess is these machines are running Win9x, and that has something to do with the vulnerability.
Its pretty alarming to think that anyone and everyone can surreptitiously access your files with just an ip and a browser, no control over the number of connections.
Unfortunately, I have no way of knowing if any of these machines are firewalled. In any case, it might be a good idea to test this out yourself to see if your Morpheus file shares are vulnerable.