Diagnosing & Treating Bash "Shellshock" ¬

2014-10-13

My introduction to the Bash “Shellshock” vulnerabilities, from Small Dog Electronics’ Barkings! blog:

OS X is a descendant of a long lineage of UNIX operating systems, from which it inherits its incredible stability and enhanced security. However, the past two weeks have uncovered numerous bugs in a core piece of software relied on by many UNIX operating systems, OS X included: bash (Bourne-again shell). It turns out that these bugs have been very long standing and can be exploited in numerous ways to provide unchecked access to a computer (in some cases remotely) with an afflicted version of bash installed. Due to the surprise and scope of this vulnerability, many have dubbed it “Shellshock”, in reference to the combat fatigue experienced by soldiers, but it’s really not a fair comparison to the effects of war.

Read the full piece for my advice on applying patches to limit your risk.

Commenting is closed for this article.