In July 2004, Microsoft released two patches to fix critical vulnerabilities in Windows Server 2003. According to Microsoft, a critical vulnerability is a flaw that can lead to the propagation of an Internet worm without user interaction, such as the MSBlast outbreak in late 2003.
You can find out more about July's critical updates and what problems they fix in Microsoft Security Bulletin MS04-025 (update number 867801) and Microsoft Security Bulletin MS04-023 (update number 840315).
MS04-025 fixes three vulnerabilities in Internet Explorer that could allow remote code execution and the takeover of a server. The version of Internet Explorer included in Windows Server 2003 is only susceptible to two of the three vulnerabilities, but organizations should apply the patch immediately.
MS04-023 affects all versions of Windows Server 2003 that have Internet Explorer installed. This update addresses two vulnerabilities in the server's Help system (one of which Microsoft has defined as Critical), which can result in a server takeover. This critical flaw could also allow remote code execution.