Two flaws in the Windows version of Cisco's Secure Access Control System could lead to a disclosure of information or the execution of arbitrary code on the affected system. The Unix version of ACS is not affected. For more, including a patch, go to http://www.cisco.com/warp/public/707/ACS-Win-Web.shtml