I was notified by MS Security Alert email, nice eh? ;) Here you go...
Who should read this bulletin: System administrators who have deployed Outlook Web Access using Microsoft® Exchange 5.5 Server.
Impact of vulnerability: Run code of attacker's choice.
Maximum Severity Rating: Moderate
Recommendation: Customers with OWA implementations should install the patch immediately.
Affected Software: Microsoft Exchange 5.5 Server Outlook Web Access
Download: Patch for Microsoft Exchange 5.5