Microsoft has recently released information about a critical vulnerability found in their Exchange Server product. The vulnerability, if exploited, could allow a remote attacker to execute arbitrary code and gain complete control of the Exchange mail server.
The following Microsoft Exchange Server products are affected:
Microsoft Exchange Server 2000 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004
Microsoft Exchange Server 2003 Service Pack 1
Microsoft Exchange Server 2003 Service Pack 2
Security patches to address affected products can be obtained at: