How would you approach a situation where a critical vulnerability is discovered at UC Berkeley Extension?