As you probably heard, Microsoft released Update Rollup 3 for Exchange Server 2007 SP1 and Update Rollup 7 for Exchange Server 2007 RTM last week. These Update Rollups address the vulnerabilities described in Microsoft Security Bulletin MS08-039.
Since Exchange Server 2003 is also affected by the vulnerabilities described, you should download and install Security Update for Exchange Server 2003 SP2 (KB950159).
This update addresses the Microsoft Exchange Server vulnerability addressed in the Microsoft Security Bulletin MS07-039.
About this download: A security issue has been identified that could allow an attacker with limited access to increase their privileges to compromise Outlook Web Access for Microsoft Exchange Server and gain control over it. You can help protect your computer by installing this update from Microsoft on all Microsoft Exchange 2003 Service Pack 2 servers in your organization. Installation instructions and more information about this issue are available here.