All, Please see http://www.cisco.com/warp/public/707/cisco-sa-20080416-nac.shtml Clean Access 4.0.6+ & 4.1.2+ are apparently not vulnerable. Bruce Osborne Liberty University