Shellshock, the security hole in Bash that affects Linux and OS X

Shellshock

A security hole has been discovered in Bash that jeopardizes the security of Linux and Mac users. This vulnerability, dubbed ‘Shellshock’, affects the command interpreter in these operating systems.

So what does this mean? To give you an idea, this flaw could allow a cyber-criminal to remotely access a system using Bash and insert spyware designed to steal confidential information or even take control of the system.

The hole was discovered by Stephane Schazeblas and it would appear that it is more serious than Heartbleed, the vulnerability discovered in the OpenSSL library last April. According to the CVSS rating of the security hole, Shellshock has a score of 10, while Heartbleed was rated 5.

What can you do to protect yourself from the Bash vulnerability? Update your software and keep your operating system up-to-date.

* Many thanks to our colleague from Critical Malware, Daniel Garcia, for his help.

The post Shellshock, the security hole in Bash that affects Linux and OS X appeared first on MediaCenter Panda Security.

Leave a Reply