How do you handle a situation where a critical security patch conflicts with a mission-essential legacy application?