A flaw has been discovered recently
in Windows that could lead to system compromise. A particular vulnerability in an ActiveX control could result in a system becoming compromised if it visits a malicious site. Only affecting Windows Server 2003, with or without the service pack, it's not something that most desktop users will have to worry about. Even further, it's not something most Server 2003 users have to worry about, because it requires that someone first intentionally disable the “Enhanced Security Configuration” that IE is equipped with by default.
Due to what the exploit requires, it is unlikely this will see any major penetration. There is a technet advisory
on Microsoft't site. The temporary workaround for those few affected is to disable ActiveX while a patch is developed.