Securing Windows XP Desktops Resource Guide

See also Jeff's excellent Infosec blog, and the MSRC team blog

And the Desktop Deployment Center security patching guide

Don't forget the RSS feed for security bulletins and the new security advisories page

Each month, Microsoft exec Mike Nash holds webcasts that you can view on demand here. Each one includes a nifty security checklist. Since there doesn't seem to be a pick list of just the checklists, here you go (in LIFO order)

Managing Access in the Extended Enterprise: The Checklist

E-mail Security, It’s More Than Filtering: The Checklist

Phishing: Don’t Get Hooked: The Checklist

Keeping an Eye on Spyware: The Checklist

Streamlining Patch Management: The Checklist

Social Engineering, the Human Factor: The Checklist

Information Risk Management: The Checklist

Managing Risk of Malicious Software: The Checklist

You can also hone your security expertise with Microsoft E-Learning Clinics, then test it in a risk-free environment with online Hands-On Labs.