Cisco Secure Desktop (CSD) software is affected by three vulnerabilities that may: Cause information produced and accessed during an Internet browsing session to be left behind on a computer after an SSL VPN session terminates. Allow users to evade the system policy that prevents them from leaving the Secure Desktop while a VPN connection is active. Allow local users to elevate their privileges. Cisco has made free software available to address these vulnerabilities for affected customers. There are workarounds available to mitigate the effects of some of these vulnerabilities. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20061108-csd .