We've learned of additional mechanisms found by security researchers that allow for attackers on endpoints that use Java deserialization. Update the EJB remoting endpoint to block the applicable classes involved in these gadget chains.