At Google's Pwnium hacking competition, two new security exploits in Chrome OS were demonstrated, while at Pwn2Own a Chrome Web browser problem was found that also impacted Chrome OS. All three problems have now been patched.
Originally, the Motorola DROID line (2013) was set to receive Android 4.4.3 shortly after that version was announced. But due to a security vulnerability that was patched in Android 4.4.4, the company had to wait for the latest version of Android. David Schuster, a member on Motorola’s Software Product Management team, provided the explanation on Google+.
Canonical announced on October 9th, in a security notice, that a new Linux kernel update for its Ubuntu 8.04.4 LTS (Hardy Heron) operating system is available for all users. There's a single kernel vulnerability, (CVE-2012-2136), discovered by various developers, related to the Linux kernel's network TUN/TAP device implementation.
I have the honor of reporting 14.1's first security vulnerability (I think I'm the first). OpenSSH 6.4p1 (sig) has been released to address a memory corruption vulnerability in sshd when using aes*[email protected] ciphers (supported in Slackware 14.1). CVE allocation pending; will update post when assigned.
It seems that Microsoft is getting ready to release the third update for Windows Phone 7 handsets - this one being a security update to fix the vulnerability caused by the compromised Comodo security certificates.