Cisco Secure Desktop is Insecure

Cisco says their Cisco Secure Desktop (CSD) 3.1.1.33 and earlier software has three bugs that lessen security. One bug may leave information from an Internet browsing session using SSL VPN (Secure Socket Layer on a Virtual Private Network) on a computer after the session ends. Another bug will let users leave the Secure Desktop when they shouldn't, and then third lets local users gain extra privileges. Cisco has fix information at http://www.cisco.com/warp/public/707/cisco-sa-20061108-csd.shtml.