Vulnerability in Exchange 2000/2003/2007
In its May security bulletin, Microsoft reveals that the latest versions of Exchange server have a vulnerability that could lead to remote code execution.
"An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."
Here is the link to the security bulletin, which has information how to obtain the patches: