I cannot remember which, but either the Enhanced Memory Protection or the Thread Injection Protection (Process Access Control) is not compatible with Win2k3x64. Checking that box disables the feature and thus allows it to be applied to Win2k3x64 machines. If you apply that to other machines, you lose that capability there also.