Improved patch tackles new Shellshock Bash bug attack vectors Lucian Constantin
Sep 29, 2014 7:33 AM
System administrators who spent last week making sure their computers are patched against Shellshock, a critical vulnerability in the Bash Unix command-line interpreter, will have to install a new patch that addresses additional attack vectors.
The Shellshock vulnerability was originally discovered by Akamai Technologies security researcher Stephane Chazelas and can be exploited in several ways to remotely execute code on systems like Linux and Mac OS X that use Bash as their default shell.
Further reading: Safe from Shellshock: How to keep your home computer safe from the Bash shell bug
The fact that the bug has existed in Bash for many years and that Linux is used on a wide variety of devices from servers to industrial equipment and embedded electronics, means that the flaw’s impact is potentially very large.