Apple has released a security updates for OS X, iOS and Apple TV to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow an attacker to intercept HTTPS connections between vulnerable clients and servers (Kindly make reference of FREAK Attack)

The following updates are available:-

• Xcode 6.2 for OS X Mavericks v10.9.4 or later
• Security Update 2015-002 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2
• Apple TV 7.1 for Apple TV 3rd generation and later
• iOS 8.2 for iPhone 4s and later, iPod touch (5th generation) and later, and iPad 2 and later

Users and administrators are encouraged to review the Apple security updates and apply the necessary updates.

For more information click: HT204427  HT204413  HT204426  HT204423

Microsoft has released a security bulletin summary for March 2015 to address vulnerabilities in Windows. Exploitation of these vulnerabilities could allow elevation of privilege, disclosure of information, remote code execution, spoofing or security feature bypass.

Users and administrators are encouraged to review Microsoft Security Bulletin, MS15-Mar, and apply the necessary updates.

Click here for more information

FREAK (Factoring Attack on RSA-EXPORT Keys) SSL/TLS Vulnerability has been discovered, a weakness in some implementations of SSL/TLS.  It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force the two to use weakened encryption, which the attacker can break to steal or manipulate sensitive data.

Microsoft has released a Security Advisory that includes a workaround for supported Windows systems.

Users and administrators are encouraged to review the Security advisory released by Microsoft; Vulnerability Note VU#243585 and apply the necessary mitigations.

For more information please visit: Microsoft Security Advisory and VU#243585

Samba Vulnerability has been discovered in Linux and UNIX based operating systems. All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an unexpected code execution in the smbd file server daemon.

Updates have been released to address the vulnerability that could allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the Security advisory released by Samba, Ubuntu, Red hat, Debian and Suse; and apply the necessary updates.

For more information please visit: Samba Security Releases, Ubuntu, Red hat, Debian and Suse

SuperFish Vulnerability discovered in Lenovo personal computer pre-installed with SuperFish Visual Discovery Software, SuperFish intercepts HTTP(S) traffic using a self-signed root certificate. These updates address vulnerability that could allow an attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system.

Affected Products:

SuperFish may have appeared on these Lenovo Notebook models:

. E-Series: E10-30
. Flex-Series: Flex2 14, Flex2 15, Flex2 14D, Flex2 15D, Flex2 Pro, Flex 10
. G-Series: G410, G510, G710, G40-30, G40-45, G40-70, G40-80, G50-50, G50-45, G50-70, G50-80, G50-80Touch
. Miix-Series: Miix2 – 8, Miix2 – 10, Miix2 – 11, Miix 3 – 1030
. S-Series: S310, S410, S415, S415 Touch, S435, S20-30, S20-30 Touch, S40-70
. U-Series: U330P, U430P, U330 Touch, U430 Touch, U540 Touch
. Y-Series: Y430P, Y40-70, Y40-80, Y50-70, Y70-70
. Yoga-Series: Yoga2-11, Yoga2-13, Yoga2Pro-13, Yoga3 Pro
. Z-Series: Z40-70, Z40-75, Z50-70, Z50-75, Z70-80
. Lenovo Edge 15

Users and administrators are encouraged to review the Security advisory released from Lenovo and apply the necessary updates.

For more information please visit: Lenovo Security Advisory and SuperFish Removal Instructions