http://www.pcadvisor.co.uk/news/security/3363319/mysql-vulnerability-allows- attackers-bypass-password-verification/ Is BX immune to this? I realise the DBs are not open to the internet by default but it would be comforting to know that we're immune to malicious users as well. DD