It's a vulnerability in the ActiveX certificate enrollment control that can be exploited to delete/corrupt the digital certificates stored on a system. A successful exploit could corrupt trusted root certificates, encryption certificates, signing certificates, etc. This could potentially prevent proper encryption/signing of emails.
See www.pcworld.com/news/article/0,aid,104573,00.asp www.siliconvalley.com/mld/siliconvalley/3966694.htm. Patch from Microsoft available at www.microsoft.com/technet/security/bulletin/ms02-048.asp