I was notified by MS Security Alert email, nice eh? ;) Here you go...
Summary
Who should read this bulletin: System administrators who have deployed Outlook Web Access using Microsoft® Exchange 5.5 Server.
Impact of vulnerability: Run code of attacker's choice.
Maximum Severity Rating: Moderate
Recommendation: Customers with OWA implementations should install the patch immediately.
Affected Software: Microsoft Exchange 5.5 Server Outlook Web Access
View: Microsoft Security Bulletin MS01-057
Download: Patch for Microsoft Exchange 5.5