Okay, got it. Any precautions I should take in the meantime? I have the "bash -> dash" thing already, but the string test still marks me as vulnerable. Thanks, Paul