The BASH, Bourne Again Shell, bug is probably the most devastating vulnerability that has ever been found and experts believe that it is even dangerous than the previously discovered SSL vulnerability, HeartBleed. The Bash bug, also known as, Shell Shock, can allow hackers to execute arbitrary code on the machine that can eventually result in a complete take over of the device.
There has been an update to fix the bug; however, the previously released bug patch was incomplete. The patch only focused on the bug mentioned in CVE-2014-6271, however, left out the other associated issues with it. The update that was launched on Friday was able to fix it completely.
“Shortly after that issue went public, a researcher found a similar flaw that wasn’t blocked by the first fix and this was assigned CVE-2014-7169,” said Red Hat. Red Hat said that the CVE-2014-7169 itself is not a bigger security issue, but it is necessary to fix everything that can lead to a security breach.
However, only Linux and Macintosh computers are affected by this bug as they include a bash shell with them, whereas, Windows users are completely safe in its absence. The Redmond giant packs it flagship OS with PowerShell than Bash Shell.
Updates are already out for Linux operating systems; however, Apple said that Macintosh computers are completely safe from this bug. The Cupertino giant said, “The vast majority of OS X users are not at risk to recently reported bash vulnerabilities. Bash, a Unix command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced Unix services. We are working to quickly provide a software update for our advanced Unix users.”
[…] Bash Shellshock bug’s new patch fixes everything […]
[…] Bash Shellshock bug’s new patch fixes everything […]
One of the best things about Linux and open source software is the speed at which problems are patched. It is also a good thing that the source is open so these problems are found and fixed. Windows has to many security flaws, they call them viruses, but it really is a security problem that someone has figured out code to exploit. If Windows is patched it sometimes takes forever for them to patch it when an exploit is known.
My house is a Linux house, all three computers in it run Linux, one does have a duel boot to Windows because my daughter is in school and needs programs that will not run under wine. But she boots out of Windows to surf and do everything else.
Linux haters have taken opportunity to make this bash bug a million times worse than it is and the vast majority of the ‘information’ being stated concerning the problem is erroneous. This is not the most devastating vulnerability there ever has been and there’s a complete patch for it. Certain technology groups are really overplaying this issue ($$$) and the ignorant media is naturally hooking into any stink, whether valid or not, that makes a good story.