Remember Log4j vulnerability? A lot of the Korea governmental sites weren't affected because the Java version was too old :)

Don't even get me started on ActiveX.