How would you handle a new vulnerability discovered in a widely used software that impacts O.C. Tanner’s systems?