The hidden shares do not in and of themselves create a "huge security hole;" depending on the sharing and security model you have installed, only either the Guest account can access those shares (if it's enabled and if it has file system permissions for the share location, which it typically does not), or authenticated local accounts would have access.
If you're really concerned about security and do not wish to share any resources with other machines on your network, you should disable your Guest account and ensure that your Network access: Sharing and security model is set to 'Guest only' in your Local Security policy Security options.
I'm not entirely sure why BSA is telling you that, as I do not recall it showing that as a threat when I ran it against some of my hosts. If you post a screenshot or an report of what it's telling you, I might be able to give you a better interpretation of what it's saying. Then again, it wouldn't surprise me much for an MS product to reveal a needed feature in another one of their products as a vulnerability or bad practice; it wouldn't be the first time MS done that.