Canonical has discovered a zero-day security vulnerability that affects all the Linux systems that use GRUB2 (GNU GRand Unified Bootloader) 2.02 Beta as default. This security flaw would permit skilled hackers to bypass the GRUB password and gain access to the system.
This issue is present on Ubuntu 15.10 Wily Werewolf, Ubuntu 15.04 Vivid Vervet, Ubuntu 14.04 Trusty Tahr, Ubuntu 12.04 Precise Pangolin and derivative systems.
For Ubuntu systems and derivatives, all you need to do is update the local repository index and perform a regular system upgrade, to receive a patched version of GRUB2:
$ sudo apt-get update
$ sudo apt-get upgrade
For now, only RHEL 7, Debian Squeeze, Ubuntu, Arch Linux (and their derivative systems) have received fixes for the GRUB2 issue, but most likely, other systems will patch this as well.