Shellshock bug in Bash affects Linux and Mac OS X, but the first fixes are already out (Updated)

hacking team adobe flash windows security exploit cyber
Update 9/26/14 6:04 p.m. ET by Konrad Krawczyk: According to the official Red hat security blog, additional patches that are designed to combat and rectify the problems associated with the Shellshock bug in Bash have been released.

On top of that, Red Hat says that “patches are available for most operating systems.”

Red Hat goes on to say that it does not know of any exploits which target Bash on systems that have the latest patches installed. As for why these flaws weren’t discovered faster, the blog post states that the holes in Bash were in a feature that was “obscure” and “rarely used.”

As for OS X based systems and the risks posed to them as a result of this threat, an Apple rep reportedly stated that the “vast majority of OS X users are not at risk to recently reported bash vulnerabilities.”

Original story

The hits just keep on coming for the cyber security world. The newest threat to land is called Shellshock, and it affects something called Bash.

Bash, which is short for “Bourne again shell,” is a piece software that controls Linux’s and OS X’s command prompt. The U.S. government says that the vulnerability in Bash affects “Unix-based operating systems such as Linux and Mac OS X.”

The United States Computer Emergency Readiness Team states that the flaw could “allow a remote attacker to execute arbitrary code on an affected system.”

Related: How to check if your servers and systems are affected by the Shellshock flaw in Bash

The National Vulnerability Database rates the severity of this problem at “10.0 HIGH.” On top of that, at least one cyber security expert says that it’s not difficult for a seasoned hacker to exploit the flaw in Bash.

“Using this vulnerability, attackers can potentially take over the operating system, access confidential information, make changes, et cetera,” Tod Beardsley of Rapid7, a cyber security firm, said to Reuters. “Anybody with systems using Bash needs to deploy the patch immediately.” 

The first patch that was released to address the flaw was found to have problems of its own, preventing it from fixing the issues that it was designed to rectify in the first place. That’s according to the official Red Hat Security Blog.

This is being followed up with a new patch that should right the wrongs caused by the first update. However, Red Hat still recommends that users apply the original, buggy patch, instead of waiting for the new patch to come out.

That’s because, as Red Hat’s latest security blog update states, the problems associated with the flawed patch are “less severe,” and that “patches for it are being worked on.

In the meantime, Apple has yet to issue any patches of its own that address the Shellshock bug.



The Legend of Zelda: Breath of the Wild bug lets Link ignore temperature effects

A newly discovered bug in The Legend of Zelda: Breath of Wild allows players to max out both hearts and stamina. The glitch also disables temperature effects such as the heat of Death Mountain and the cold of Hebra.

HMD Global admits Nokia 7 Plus handsets sent user data to China

Nokia could be in some hot water. According to recent reports, Nokia 7 models may be secretly sending data to China without the user knowing about it. Nokia says that the issue was a software bug and that it has been fixed.
Social Media

A Facebook, Instagram bug exposed millions of passwords to its employees

Facebook, Facebook Lite, and Instagram passwords weren't properly encrypted and could be viewed by employees, the company said Thursday. The network estimates millions of users were affected.

Need a quick battery boost? Try one of our favorite portable chargers

Battery life still tops the polls when it comes to smartphone concerns. If it’s bugging you, then maybe it’s time to snag yourself a portable charger. Here are our picks for the best portable chargers.

Get ready to say goodbye to some IFTTT support in Gmail by March 31

If This Then That, the popular automation service, will drop some of its support for Gmail by March 31. The decision comes as a response to security concerns and is aimed to protect user data.

Get the new Dell XPS 13 for $750 with this limited-time deal

Dell is currently running a limited time deal lasting through Thursday, March 28, where you can bring home a version of this year's new XPS 13 for around $750 with the use of a special coupon code. 

Nvidia faces attacks from AMD, Intel, and even Google. Should it be worried?

Nvidia announced an expanded array of RTX server solutions designed to leverage the power of ray-tracing at GTC 2019. The effort will help Nvidia take on Google's Stadia in game streaming with GeForce Now, and the company's investments in…

This is the easiest way to save your iPhone data to your computer

Living in fear of losing your contacts, photos, messages, and notes on your iPhone? Fear no more -- in this guide, we'll break down exactly how to back up your iPhone to your computer using Apple's iTunes or to the cloud with iCloud.

Here are the best iPad Pro keyboard cases to pick up with your new tablet

The iPad Pro range can double as laptops, but they do need proper keyboards to fill in effectively. Thankfully, there are loads to choose from and we rounded up the best iPad Pro keyboard cases right here.

Microsoft’s Clippy came back from the dead, but didn’t last very long

Before Cortana, Alexa, and Siri even existed, Microsoft Clippy dominated the screens of computers in the 1990s to help assist Microsoft Office users when writing letters. He recently made a bit of a comeback only to die off again.

How 5G networks will make low-latency game streaming a reality

Faster speeds and more bandwidth are some of the many promises that 5G can deliver, but for gamers, the most important thing is low latency. To achieve low latency, carriers like AT&T and Verizon are exploring hybrid models for game…

Time to do taxes? Save up to 50 percent on H&R Block tax software this weekend

Tax season is stressful, and with new tax laws in effect this year, it's not a bad idea to get some help. H&R Block has you covered: For two days only, you can save 50 percent on its great software so you can file your taxes online and save…

Stop dragging windows on your Mac. Here's how to use Split View to multitask

The latest iterations of MacOS offer a native Split View feature that can automatically divide screen space between two applications. Here's how to use Split View on a Mac, adjust it as needed, and how it can help out.

Breeze through security with these checkpoint-friendly laptop bags

Getting through airport security is a drag, but your laptop bag shouldn’t be. Thankfully, these checkpoint-friendly laptop bags will get you and your gear to your destination with ease.