The BASH, Bourne Again Shell, bug is probably the most devastating vulnerability that has ever been found and experts believe that it is even dangerous than the previously discovered SSL vulnerability, HeartBleed. The Bash bug, also known as, Shell Shock, can allow hackers to execute arbitrary code on the machine that can eventually result in a complete take over of the device.
There has been an update to fix the bug; however, the previously released bug patch was incomplete. The patch only focused on the bug mentioned in CVE-2014-6271, however, left out the other associated issues with it. The update that was launched on Friday was able to fix it completely.
“Shortly after that issue went public, a researcher found a similar flaw that wasn’t blocked by the first fix and this was assigned CVE-2014-7169,” said Red Hat. Red Hat said that the CVE-2014-7169 itself is not a bigger security issue, but it is necessary to fix everything that can lead to a security breach.
However, only Linux and Macintosh computers are affected by this bug as they include a bash shell with them, whereas, Windows users are completely safe in its absence. The Redmond giant packs it flagship OS with PowerShell than Bash Shell.
Updates are already out for Linux operating systems; however, Apple said that Macintosh computers are completely safe from this bug. The Cupertino giant said, “The vast majority of OS X users are not at risk to recently reported bash vulnerabilities. Bash, a Unix command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced Unix services. We are working to quickly provide a software update for our advanced Unix users.”
Leave a Reply