Windows was written to be easy to network. To make setting up a windows network simple for people with little experience, it comes out of the box with it's "flies undone", so that it doesn't have to ask you complicated questions.
This is fine until you connect your Windows machine to the Internet. Suddenly, to continue the metaphor, you're standing in a large crowd of people with a distinctly chilly feeling down below!
All a hacker needs to do to gain access to your computer, to delete files or install malicious programs is to guess any password on your network. Unless of course you have shares which aren't password protected. What? you mean you haven't password protected all your shared directories? Of course you haven't! by default windows sets up all your shares with full access to everyone!
Why does it matter?
Even if you only have dial-up access to the internet, a malicious person could install programs on your machine which could then be used to delete your files, attack other PCs, install viruses etc.
The Code-Red internet worm exploited similar loopholes in Microsoft's Web Server software. There's no reason why similar software couldn't use another route to get into your PC and the consequences would be much worse because the attack wouldn't just be limited to web servers