At Google's Pwnium hacking competition, two new security exploits in Chrome OS were demonstrated, while at Pwn2Own a Chrome Web browser problem was found that also impacted Chrome OS. All three problems have now been patched.
Apple has pushed its first ever automatic security fix for OS X, with a new update signed to thwart a vulnerability associated with the use of the network time protocol that allows your Mac to automatically sync its clocks.
Originally, the Motorola DROID line (2013) was set to receive Android 4.4.3 shortly after that version was announced. But due to a security vulnerability that was patched in Android 4.4.4, the company had to wait for the latest version of Android. David Schuster, a member on Motorola’s Software Product Management team, provided the explanation on Google+.
Canonical announced on October 9th, in a security notice, that a new Linux kernel update for its Ubuntu 8.04.4 LTS (Hardy Heron) operating system is available for all users. There's a single kernel vulnerability, (CVE-2012-2136), discovered by various developers, related to the Linux kernel's network TUN/TAP device implementation.
I have the honor of reporting 14.1's first security vulnerability (I think I'm the first). OpenSSH 6.4p1 (sig) has been released to address a memory corruption vulnerability in sshd when using aes*[email protected] ciphers (supported in Slackware 14.1). CVE allocation pending; will update post when assigned.