The Microsoft Windows Simple Mail Transfer Protocol (SMTP) Server is prone to a denial-of-service vulnerability and to to an information-disclosure vulnerability. Successful exploits of the denial-of-service vulnerability will cause the affected SMTP server to stop responding, denying service to legitimate users. Attackers can exploit the information-disclosure issue to gain access to sensitive information. Any information obtained may lead to further attacks.
Microsoft released fixes to address this issue. Please see the references for more information.