A new cumulative hot fix for ColdFusion 8.0.1 has been released. This is number four. Details and download may be found here: http://kb2.adobe.com/cps/529/cpsid_52915.html
You may remember that the last CHF fix did not include security fixes. Oddly, this one includes two fixes. However, I have to ask (and will post back if I hear an answer) what the official word on is this. I was told last time that it was not policy to include security fixes in CHF. So was that policy changed? Are all the security fixes in this one or only some? Is a user "safe" if they install a virgin CF8 and then apply this CHF?