Shellshock – What You Need to Know
I was at the Apple Store in Yorkdale Shopping Centre (Toronto, Ontario) over the weekend and I overheard a staff member informing a customer who purchased a MacBook Pro that the Mac is not vulnerable to virus. I strongly disagree with the statement but that is a discussion for another day. The conversation brings to mind the current Mac OS X vulnerability known as Shellshock. It has been given the highest CVSS (Common Vulnerability Scoring System) score of 10/10. Here’s what you need to know to keep your computer system and information safe.
What is Shellshock?
Shellshock is the name given to a security vulnerability in the command-line user interface of a system (Bash “shell”). Bash translates commands that a user types into a command-line interface into languages that computers can understand. The vulnerability was first made public on September 24th, 2014.
A flaw in Bash could allow an attacker to remotely execute commands and mount a denial-of-service attack, steal data, deface Web pages and/or take complete control of a system on a network.
Are you at Risk?
If you are using Microsoft Windows computers there is nothing to worry about (unless you are running a bash implementation or Unix-Windows translation software – which is extremely uncommon in consumer PCs).
If you are running a system based on or related to Unix such as Linux and Mac OS X then your system is vulnerable. Most varieties of Android and iOS (iPhone/iPad) devices are not vulnerable as Bash is not the default shell for these operating systems.
How to Mitigate Your Risk?
According to an Apple spokesperson, the vast majority of Mac OS X users are not at risk. Mac OS X systems are safe by default and not exposed to remote exploits of bash unless users configure advanced Unix services. A software update is now available to patch the problem for advanced users.
The attacks are geared towards devices running Bash and are “listening” for communications from other computer systems on the Internet such as web servers. You can reduce the risk by keeping your computer systems protected behind a properly configured firewall that separates your network from the Internet.