I dropped a note to Asus about the Samba vulnerability on 19th Dec 2007.
"But I think this type of serious security vulnerability ought to have an official security
release for everyone. Ditto for updates to Firefox and Thunderbird.
I would not want the reputation of the Eee PC to be spoiled due to security problems, and with
Linux it should be easy to get an excellent automatic update process in place."
So far, all I've heard is that the correct department have been informed. Not the speedy
respose I would have liked to see.