Skip to main content
  1. Home
  2. Computing
  3. News

Shellshock bug in Bash affects Linux and Mac OS X, but the first fixes are already out (Updated)

By

Update 9/26/14 6:04 p.m. ET by Konrad Krawczyk: According to the official Red hat security blog, additional patches that are designed to combat and rectify the problems associated with the Shellshock bug in Bash have been released.

On top of that, Red Hat says that “patches are available for most operating systems.”

Recommended Videos

Red Hat goes on to say that it does not know of any exploits which target Bash on systems that have the latest patches installed. As for why these flaws weren’t discovered faster, the blog post states that the holes in Bash were in a feature that was “obscure” and “rarely used.”

Related

As for OS X based systems and the risks posed to them as a result of this threat, an Apple rep reportedly stated that the “vast majority of OS X users are not at risk to recently reported bash vulnerabilities.”

Original story

The hits just keep on coming for the cyber security world. The newest threat to land is called Shellshock, and it affects something called Bash.

Bash, which is short for “Bourne again shell,” is a piece software that controls Linux’s and OS X’s command prompt. The U.S. government says that the vulnerability in Bash affects “Unix-based operating systems such as Linux and Mac OS X.”

The United States Computer Emergency Readiness Team states that the flaw could “allow a remote attacker to execute arbitrary code on an affected system.”

Related: How to check if your servers and systems are affected by the Shellshock flaw in Bash

The National Vulnerability Database rates the severity of this problem at “10.0 HIGH.” On top of that, at least one cyber security expert says that it’s not difficult for a seasoned hacker to exploit the flaw in Bash.

“Using this vulnerability, attackers can potentially take over the operating system, access confidential information, make changes, et cetera,” Tod Beardsley of Rapid7, a cyber security firm, said to Reuters. “Anybody with systems using Bash needs to deploy the patch immediately.” 

The first patch that was released to address the flaw was found to have problems of its own, preventing it from fixing the issues that it was designed to rectify in the first place. That’s according to the official Red Hat Security Blog.

This is being followed up with a new patch that should right the wrongs caused by the first update. However, Red Hat still recommends that users apply the original, buggy patch, instead of waiting for the new patch to come out.

That’s because, as Red Hat’s latest security blog update states, the problems associated with the flawed patch are “less severe,” and that “patches for it are being worked on.

In the meantime, Apple has yet to issue any patches of its own that address the Shellshock bug.

 

Editors’ Recommendations

Topics
Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
The 6 key things Apple must fix in the next version of macOS
Craig Federighi introducing macOS Sonoma at Apple's Worldwide Developers Conference (WWDC) in June 2023.

I use macOS every day, and there’s no doubt that I love it as an operating system. Yet, despite how full of genuinely brilliant features it is, there are still a handful of things I just wish it did better.

Luckily, Apple’s Worldwide Developers Conference (WWDC) is just a month away, which means there’s not long until we see what kind of software improvements Apple has in store for us. I’ve been thinking hard about what kind of changes I’d like to see happen, from Siri to Stage Manager and everything in-between. Here are the key areas I think Apple needs to fix in macOS 15.
Hey Siri, meet AI
Even when I ask Siri for the WWDC date, it can't give me a straight answer. Digital Trends

Read more
Don’t download the latest macOS Ventura update just yet
The 14-inch MacBook Pro with M3 Max chip seen from behind.

We have a warning if your MacBook or other Mac machine is still running macOS Ventura. The latest macOS Ventura 13.6.6 update is bringing a lot of big bugs, and it is affecting the way that people are using their favorite Apple products, so you might want to hold off on downloading the update.

Originally released back on March 25, this problematic update came at the same time as macOS Sonoma 14.4.1, which patched issues with Java, USB hubs, and more. Unfortunately, though, macOS Ventura 13.6.6 is introducing some new issues of its own. Spotted by the folks at GottaBeMobile, Mac users have taken to Apple's support forums to complain of everyday issues linked to this release that are breaking their Macs.

Read more
Common macOS Sonoma problems and how to fix them
Apple's Craig Federighi presents new features in macOS Sonoma at the company's Worldwide Developers Conference (WWDC) in June 2023.

Apple’s latest operating system, macOS Sonoma, has launched, and it brings with it a bunch of great new features for your Mac. But upgrading your Apple computer could lead to problems, and while this won’t happen to everyone, it can be frustrating when issues arise with any version of MacOS.

Fortunately, there’s help at hand. We’ve put together a list of the most common macOS Sonoma problems and how to fix them. Just follow these tips and they could help you out of a tricky spot. We’ve added links to Apple’s official guidance throughout, so be sure to check them out for more assistance.
macOS Sonoma won’t download

Read more