Sophos has reported a combination of vulnerabilties that can be used to perform a remote privilege escalation and gain unauthorised privileged access to the the device. Details can be found here http://www.sophos.com/en-us/support/knowledgebase/119773.aspx .
If automatic updating is enabled the fix should be applied without further intervention.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.