This patches the security vulnerabilities reported here - http://www.securityfocus.com/archive/1/444418.  It also provides some additional security related changes.

1)  Take your site offline:  Site->Global Configuration->Site Offline (YES).
2)  Extract the patch into your existing Mambo 4.5.4 installation and let the files overwrite the existing files with the same names.  The patch mirrors the existing Mambo file/folder structure so the files will go into the correct locations when extracted.  
3)  Bring your site back online:  Site->Global Configuration->Site Offline (NO).

That's it.  Patch Complete.