Windows update would do it for you as well . Well, what you must be concerned about when dealing with your desktop (if you are not providing any services, like web hosting, email relay, etc..) is about having open ports, and updated stuff. Turning off some features like activex support for your browser would help, or even dont using Internet Explorer at all..
Anyway, a scanner like r3x (which has grown up, wears a nice suit, and is now more corporate, being called Languard in this new incarnation) and a visit to websites like grc.com to probe your ports may be quite useful. There are several other scanners out there, like superscan, etc..Oh, instronics has already a link for languard, so if you want the previous r3x, check this: http://www.anti-trojans.hpg.ig.com.br/R3x060.zip . I haven't read the page it comes from, but if you know some Portuguese.. . Don't worry, the program is in English.
Also, simply using netstat -a in your dos prompt will give you a glance on what ports are open in your system. Don't forget shutting them all! And in case of a malicious program wanting to open one, a neat firewall might be there for shutting it again in its face