Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Connect, and Dreamweaver. A remote attacker could exploit these vulnerabilities to take control of an affected system.
The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.
NCCIC/US-CERT encourages users and administrators to review the Samba Security Announcements for CVE-2018-1050 and CVE-2018-1057 and apply the necessary updates, or refer to their Linux or Unix-based OS vendors for appropriate patches.
In the immediate aftermath of the Spectre and Meltdown attacks, Microsoft created an unusual stipulation for Windows patches: systems would only receive the fixes if they had antivirus software installed and if that antivirus software created a special entry in the registry to indicate that it's compatible with the Windows fixes.
This was due to the particularly invasive nature of the Meltdown fix: Microsoft found that certain antivirus products manipulated Windows' kernel memory in unsupported ways that would crash systems with the Meltdown fix applied. The registry entry was a way for antivirus software to positively affirm that it was compatible with the Meltdown fix; if that entry was absent, Windows assumed that incompatible antivirus software was installed and hence did not apply the security fix.
This put systems without any antivirus software at all in a strange position: they too lack the registry entries, so they'd be passed over for fixes, even though they don't, in fact, have any incompatible antivirus software.
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.