The observant amongst you will have noticed that SP2 came with a security flag on it. We fixed a buffer overflow in WebAccess and people are asking what needs to be updated. Well, the ports affected are 7205 and 7211, which are the GWINTER ports for communication with the servlets, and the HTTP interface - so the answer is the WebAccess Agent is the only thing that needs updating for this vulnerability. Is it high risk? In my opinion, no. Most of you should have these ports blocked off from the outside world, only exposing 80 and 443. I have not heard of this vulnerability being exploited.
If you plan to update check out my previous thread on getting it all installed.