Well, it's nice to see they've created new holes, plugging old ones. It keeps the black hats busy. Seriously, if I had a misson critical server, I'd be concerned, but, as a user, I don't think my home box is going to be exploited. Besides, once these exploits are made public, they're patched quickly. I think Oracle is sort of the exception. Although, if it's public, and it'll cost them client service problems, or just cost them, they get off of their asses and fix the problem fast.