Honestly, i'm not sure either. Our Microsoft TAM couldn't give us details either, but they all seem to be agreeing that exchange is vulnerable itself.

It worries me enough to step up patching on the exchange side of the house.