It's pretty easy to say one should upgrade to the non-flawed IOS, but it's much tougher to actually do it...especially in a large enterprise. IOS roll-out to a network of a few thousand, or even a few hundred, devices might take months to complete. And the roll-out wouldn't start until after the QA team shook it out for a while in the lab. Let's face it, IOS upgrades to plug a relatively esoteric security exposure fall way down the priority list of most companies. They've got far too many Microsoft patches to apply to the desktops and servers without regularly disrupting the networks in between. Live with the IOS bugs and holes until there's a compelling (feature) reason to upgrade.