Thanks for replying, makes sense in terms of the dates involved. Do you know what the latest software versions you can have in Hybrid mode with Sup2/MSFC2? CatOS is 7.6(24a) as per the advisory. IOS is currently 12.1(27b)E4.

Just trying to figure out whether the IOS update required to comply with the advisory is gonna mean going to Native mode. I think anything from 12.2 onwards requires Sup720 upgrade and you guessed it, Sup upgrade not an option, the entire network is gonna be binned in 12 months but has to be compliant up till that time.

Unfortunetly I think your only options are going to be leave it like it is or go native .  It looks like native does have an image that complies but you know the whole caveat that goes with  that as far as nvram and flash capacity  which will be considerably  more for the native requirements.  Here is the latest native image.  Where I work we have a number of these under the same constraints and none of them have enough nvram and flash to upgrade so they are staying at the current version until they get replaced.

ENTERPRISE SERVICES SSH
s222-entservicesk9_wan-mz.122-18.SXF17.bin
Release Date: 30/Sep/2009

Size: 50152.04 KB  (51355684 bytes)
Minimum Memory: DRAM:256 MB  Flash:64 MB

Here are the bulletin fix releases so I think it falls under the fix version.

12.2SXF            12.2(18)SXF16                       12.2(18)SXF17; Available on 30-SEP-2009

Hi there

Sorry for belated reply and thanks for your input Glen. TAC have confirmed the way to go is upgrade CatOS to 7.6(24a) and upgrade IOS to 12.2(18)SXF17, stay in Hybrid mode and upgrade any memory as required. Going to Native would be the obvious choice but the customer wants minimise time and money spent on this as they're walking away from it in Dec so they wanna avoid the big CatOS to IOS config rewrite!!

Thanks again!