Several readers have pointed us towards this advisory.  This Microsoft advisory outlines a vulnerability in Internet Explorer 6 and 7, which could allow remote code execution.  While there are some mitigations available for IE7 (the Enhanced Security Mode) in Server 2003 and Server 2008, the best advice is to upgrade to Internet Explorer 8, which is not vulnerable.

Find the advisory here ==>  http://www.microsoft.com/technet/security/advisory/981374.mspx

=============== Rob VandenBrink, Metafore ==============