I found http://technet.microsoft.com/en-us/library/cc526440.aspx
And it says
"Remove All Unnecessary File Shares
Remove all unnecessary file shares on the system to prevent possible information disclosure and to prevent malicious users from using the shares as an entry to the local system"
I am aware that shares can be "shared" to groups like everyone/domain users etc and ift theres senstivie data resident then that can be accessed.
But it hints at shares as an entry point:
"from using the shares as an entry to the local system"
To perhaps gain access to admin areas of the system?
So is that possible, or theoretical? A non admin share shared to the everyone group could actually open up the server to compromise so the user can get access to the admin area of the server?