Samba Vulnerability has been discovered in Linux and UNIX based operating systems. All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an unexpected code execution in the smbd file server daemon.

Updates have been released to address the vulnerability that could allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the Security advisory released by Samba, Ubuntu, Red hat, Debian and Suse; and apply the necessary updates.

For more information please visit: Samba Security Releases, Ubuntu, Red hat, Debian and Suse

SuperFish Vulnerability discovered in Lenovo personal computer pre-installed with SuperFish Visual Discovery Software, SuperFish intercepts HTTP(S) traffic using a self-signed root certificate. These updates address vulnerability that could allow an attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system.

Affected Products:

SuperFish may have appeared on these Lenovo Notebook models:

. E-Series: E10-30
. Flex-Series: Flex2 14, Flex2 15, Flex2 14D, Flex2 15D, Flex2 Pro, Flex 10
. G-Series: G410, G510, G710, G40-30, G40-45, G40-70, G40-80, G50-50, G50-45, G50-70, G50-80, G50-80Touch
. Miix-Series: Miix2 – 8, Miix2 – 10, Miix2 – 11, Miix 3 – 1030
. S-Series: S310, S410, S415, S415 Touch, S435, S20-30, S20-30 Touch, S40-70
. U-Series: U330P, U430P, U330 Touch, U430 Touch, U540 Touch
. Y-Series: Y430P, Y40-70, Y40-80, Y50-70, Y70-70
. Yoga-Series: Yoga2-11, Yoga2-13, Yoga2Pro-13, Yoga3 Pro
. Z-Series: Z40-70, Z40-75, Z50-70, Z50-75, Z70-80
. Lenovo Edge 15

Users and administrators are encouraged to review the Security advisory released from Lenovo and apply the necessary updates.

For more information please visit: Lenovo Security Advisory and SuperFish Removal Instructions

Mozilla Security Updates

The Mozilla Foundation has release security updates to address multiple vulnerabilities in Firefox, Firefox ESR and Thunderbird. These updates address vulnerabilities that could allow an attacker to obtain sensitive information or execute arbitrary code on an affected system.

The following updates are available:

. Firefox 36
. Firefox ESR 31.5
. Thunderbird 31.5

Users and administrators are encouraged to review the Security advisories released from Mozilla Foundation and apply the necessary updates.

For more information please visit: Firefox, Firefox ESR and Thunderbird

The Internet Systems Consortium (ISC) has released security updates for BIND. These updates address vulnerability that could potentially allow an attacker to cause a denial of service condition.

The following update is available:-

. BIND 9.9.6-P2
. BIND 9.10.1-P2

Users and administrators are encouraged to review the ISC Knowledge Base and apply the necessary updates.

Click here for more information

Google has released Chrome OS 40.0.2214.114 for Chrome devices. This update addresses multiple vulnerabilities (e.g. Use-after-free in DOM [CVE-2015-1209], Cross-origin-bypass in V8 bindings [CVE-2015-1210], Privilege escalation using service workers [CVE-2015-1211]) that could allow an attacker to cause a denial of service condition or obtain personal information.

Users and administrators are encouraged to review the Google Chrome release blog and apply the necessary updates.

Click here for more information