The Windows Vista Security Guide has been released
Yes, you still need one if you have care of a domain with Active Directory directory service:
http://www.microsoft.com/technet/windowsvista/security/guide.mspx
"In addition to the solutions that the Windows Vista Security Guide prescribes, the guide includes tools, step-by-step procedures, recommendations, and processes that significantly streamline the deployment process. Not only does the guide provide you with effective security setting guidance, it also provides a reproducible method that you can use to apply the guidance to both test and production environments."
Download the Guide here:
http://go.microsoft.com/fwlink/?LinkId=74028