Yes, that is what they are calling it and as quoted from OpenSSL's advisory;
In TLS connections, certain incorrectly formatted records can cause an OpenSSL client or server to crash due to a read attempt at NULL. Affected versions depend on the C compiler used with OpenSSL
Since msdn tells me a short is 2 bytes, this would make the affected version
just 0.9.8m on the Windows platform.
Update packages can be downloaded from our Downloads page (http://www.apachehaus.com/cgi-bin/download.plx) as always.