An Exchange Server related security bulletin was released yesterday. Here are some details; please go and get the patches that apply to your Exchange version!
Issued: May 08, 2007
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Recommendation: Customers should apply the update immediately
Security Update Replacement: This bulletin replaces two prior security updates. See the Frequently Asked Questions (FAQ) section of the bulletin for details.
Affected Software:
- Microsoft Exchange 2000 Server Service Pack 3 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004
- Microsoft Exchange Server 2003 Service Pack 1
- Microsoft Exchange Server 2003 Service Pack 2
- Microsoft Exchange Server 2007
More information: http://www.microsoft.com/technet/security/Bulletin/MS07-026.mspx