Just one thing in the Patch Tuesday Bulletin:

Microsoft Security Bulletin MS05-053
Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)
http://www.microsoft.com/technet/sec.../MS05-053.mspx

My analysis:

Essentially, a flaw in the rendering of WMF and EMF graphics files could lead to remote code execution. Typically, the files would have to be delivered through a web page, email message or be embedded in a document. If embedded in a document or web page it will require some user intervention to spread.

However, it is possible to embed a WMF file directly into an email message and have it display automatically (possibly through an autopreview pane). A virus using this attack mechanism could spread very quickly because little user intervention is required. It would be possible to create an effective and very fast spreading mass mailing virus using this flaw.

This is not an attack vector that could be exploited by a Sasser/Blaster/Zotob style worm. It is also extremely unlikely that you would view a WMF or EMF file on a server for any reason. Therefore, I do not feel that the majority servers are at risk from this flaw unless they display or process email in some way.

The patch for this ONLY appears to be for the EMF and WMF rendering subsystem, so in my view the patch itself carries a very low risk.

Summary: patch anything that access email or the the internet as soon as you can, but it's probably not necessary to schedule any server downtime for this patch as the vast majority of them would never carry out a task that would render this kind of graphics file.