Windows has an odd way of finding Wi-Fi networks: At the ShmooCon security conference, a researcher discussed how the way Windows XP and 2000 search for networks could open a vector for attack. This ZDNet article describes Mark Loveless's presentation. When booted, Windows XP/2000 apparently searches for a wireless network and then attempts to connect to the last known SSID using ad hoc mode. (This doesn't sound exactly right to me, but Loveless's presentation isn't yet available online.)
An attacker could listen for ad hoc broadcasts of this sort and identify itself with the same SSID. Seen as another user on the local network, the attacker may then have firewall privileges. Service Pack 2 for Windows XP should protect against this, although I believe only because it has better firewall policies.
The threat is seen as small.
Update: Microsoft has confirmed that there's a small risk, and said it will not specifically patch this problem until Service Pack 3, due in late 2007. In the meantime, you can disable your computer's ability to connect automatically to ad hoc networks. Select the adapter in the View Network Connections list. Right-click and choose Properties. Click the Wireless Networks tab. Click the Advanced button. Under Networks to Access, select Access Point instead of Any Available Network.
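A defender's check for the situation described above, where a station advertises a previously used SSID in ad hoc mode. This is an added example, not taken from the ZDNet article or Loveless's presentation: the function names, SSIDs and frame bodies are constructed, and it assumes you already have beacon or probe-response frame bodies from a capture (802.11 marks ad hoc stations with the IBSS capability bit and access points with the ESS bit).

```python
import struct

ESS, IBSS = 0x0001, 0x0002  # 802.11 capability-information bits

def parse_beacon_body(body: bytes):
    """Return (ssid, capability) from a beacon/probe-response frame body."""
    if len(body) < 12:
        raise ValueError("body shorter than the 12 fixed-field bytes")
    # Fixed fields: 8-byte timestamp, 2-byte beacon interval, 2-byte capability
    _ts, _interval, cap = struct.unpack_from("<QHH", body, 0)
    pos, ssid = 12, None
    while pos + 2 <= len(body):          # walk tagged parameters (id, len, value)
        tag, length = body[pos], body[pos + 1]
        value = body[pos + 2 : pos + 2 + length]
        if len(value) < length:
            raise ValueError("truncated tagged parameter")
        if tag == 0:                     # tag 0 carries the SSID
            ssid = value.decode("utf-8", "replace")
            break
        pos += 2 + length
    return ssid, cap

def adhoc_lookalikes(bodies, preferred_ssids):
    """Preferred SSIDs that some station is advertising in ad hoc (IBSS) mode."""
    hits = set()
    for body in bodies:
        try:
            ssid, cap = parse_beacon_body(body)
        except ValueError:
            continue                     # skip malformed captures
        if ssid in preferred_ssids and cap & IBSS and not cap & ESS:
            hits.add(ssid)
    return sorted(hits)

def _body(ssid: str, cap: int) -> bytes:
    """Build a constructed frame body for the sample data below."""
    raw = ssid.encode()
    return struct.pack("<QHH", 0, 100, cap) + bytes([0, len(raw)]) + raw

# Constructed sample: an access point, an ad hoc station reusing its SSID,
# an unrelated ad hoc network, and one truncated capture.
SAMPLE = [_body("office-wlan", ESS), _body("office-wlan", IBSS),
          _body("cafe-guest", IBSS), b"\x00\x01"]
PREFERRED = {"office-wlan", "home"}  # hypothetical preferred-network list

if __name__ == "__main__":
    print(adhoc_lookalikes(SAMPLE, PREFERRED))
```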