'Bigger than Heartbleed' Shellshock flaw leaves OS X, Linux, more open to attack<article>
<section class="page">
<p>
Well, this isn't good. Akamai security researcher Stephane Chazelas has discovered a devastating flaw in the Unix Bash shell, leaving Linux machines, OS X machines, routers, older IoT devices, and more vulnerable to attack. "Shellshock," as it's been dubbed, allows attackers to run deep-level shell commands on your machine after exploiting the flaw, but the true danger here lies in just how
old Shell Shock is—this vulnerability has apparently been
lurking in the Bash shell for years.</p><p>
<strong>Why this matters:</strong> A large swath of the web-connected devices, web servers, and web-powered services run on Linux distributions equipped with the Bash shell, and Mac OS X Mavericks is also affected. The fact that Shellshock's roots are so deep likely means that the vulnerability will still be found in unpatched systems for the foreseeable future—though the odds of it directly impacting
you appear somewhat slim if you use standard security precautions.</p><p class="jumpTag"><a href="/article/2687857/bigger-than-heartbleed-shellshock-flaw-leaves-os-x-linux-more-open-to-attack.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article>
Source:
'Bigger than Heartbleed' Shellshock flaw leaves OS X, Linux, more open to attack
