Hacker News

It doesn’t take much for a machine to become irrevocably tainted, so the fact that they are doing a recall doesn’t, in and of itself, say much about the magnitude.

Do you have some other data to substantiate your ire or are you just piling on?




From the security advisory:

> The vulnerability stemmed from incomplete input validation of user supplied .tar files as it pertains to the names of the files contained within the archive. Consequently, a remote attacker could format file names in a particular manner that would result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product.

I would not be comfortable continuing to use a product that contained such an egregious flaw.
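
An added example, not code from the thread or from the vendor, showing the shape the advisory describes and one way to close it. The tar archive, its member name, the scan_member_* function names and the choice of file(1) as the external command are assumptions made for the demonstration; the hardened version is a common Perl pattern, not the vendor's actual fix.

```perl
#!/usr/bin/perl
# Added example (not from the thread or the vendor): the vulnerable shape the
# advisory describes next to a hardened version. The member name, the
# scan_member_* names and the use of file(1) are assumptions for the demo.
use strict;
use warnings;
use Archive::Tar;                 # core Perl module
use File::Temp qw(tempfile);

# Constructed input: an attacker-supplied .tar whose member name carries shell
# metacharacters. The payload is deliberately harmless (it only echoes a marker).
my $malicious_name = q{report'; echo INJECTED; '.txt};
my $tar = Archive::Tar->new;
$tar->add_data($malicious_name, "benign contents\n");
$tar->add_data('normal.txt',     "benign contents\n");
my (undef, $tar_path) = tempfile(SUFFIX => '.tar', UNLINK => 1);
$tar->write($tar_path) or die "write failed: " . $tar->error;

# Vulnerable shape: the member name is interpolated into a command string and
# handed to qx, which runs it through /bin/sh. A single quote in the name closes
# the quoting, and whatever follows runs as a command with the scanner's privileges.
sub scan_member_vulnerable {
    my ($name) = @_;
    return qx(file -b -- '$name' 2>/dev/null);
}

# Hardened shape, two independent controls:
#  1. the name must match a strict allowlist, must not be absolute and must not
#     contain a ".." segment, so anything surprising is rejected before use;
#  2. the external tool is spawned with list-form open(), which execs argv
#     directly and never consults a shell, so metacharacters stay literal.
sub scan_member_hardened {
    my ($name) = @_;
    die "rejected member name\n"
        unless $name =~ m{\A[A-Za-z0-9._/-]+\z}
            && $name !~ m{\A/}
            && $name !~ m{(?:\A|/)\.\.(?:/|\z)};
    open(my $fh, '-|', 'file', '-b', '--', $name)
        or die "cannot spawn file(1): $!";
    local $/;
    my $out = <$fh>;
    close $fh;
    return defined $out ? $out : '';
}

# Process the archive the way a gateway would: read it back and walk the members.
my $reader = Archive::Tar->new($tar_path) or die Archive::Tar->error;
for my $name ($reader->list_files) {
    my $out = scan_member_vulnerable($name);
    print "vulnerable  [$name] -> ",
          ($out =~ /INJECTED/ ? "COMMAND INJECTED\n" : "ok\n");

    my $res = eval { scan_member_hardened($name); 'ok' } // "rejected: $@";
    chomp $res;
    print "hardened    [$name] -> $res\n";
}
```

Running it prints COMMAND INJECTED for the crafted member under the qx version and a rejection under the hardened one, while normal.txt passes both. The two controls are independent on purpose: list-form open() alone already prevents the shell from interpreting the name, and the allowlist alone would have caught this payload, but an archive member name is untrusted input and should get both.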


Improper input validation chained to command injection? Those are quite common unfortunately.



