Spreading the word about this recently announced bug fix: https://www.samba.org/samba/security/CVE-2017-7494.html
From the announcement, Samba versions 4.6.4, 4.5.10 and 4.4.14 have been fixed although if you are stuck on the 3.5/3.6 series there is no word of an update (they are still vulnerable). There is also a patch that you can apply manually if you build from source.
From my initial read it looks like attack allows unauthorized users to do "blind" writes of data to writeable shares when they happen to already know the correct path. From there they could potentially execute malicious code on the server.
A work-around if you can't update immediately is to turn off NT pipes support, although this breaks certain functions so be careful.