At 2/5/2013 04:02 PM Tuesday, Cooke, Tony wrote: >Since the University recommends/requires out of date/unsupported >software, which has known vulnerabilities, are we not being required >to put ourselves at risk? If so, is it an acceptable risk? My question exactly. Just how dangerous is this JRE to our users? Doesn't one have to be lured to a malicious website to trigger this sort of attack? How likely are our users to do this? -- dkm