Shellshock: Bash bug Bigger Than Heartbleed

Written By Chio Chyo on Tuesday, September 30, 2014 | 9:47 AM

Hackers have launched attacks exploiting the newly identified "Shellshock" computer bug, researchers warned on Thursday, as news surfaced that initial patch to the issue was incomplete, suggesting even updated systems were vulnerable The attacks came as security experts scrambled to discover the amount of systems and kinds of computers are susceptible to "Shellshock," which some say could be as serious because the "Heartbleed" vulnerability that surfaced in April.
A security flaw discovered at a most fundamental interfaces powering the net is explained by researchers as ‘bigger than Heartbleed'.
The 'Bash bug', generally known as Shellshock, is found in the command-line shell found in many Linux and Unix systems, leaving websites and devices power by these os accessible to attack.

However, unlike Heartbleed, Shellshock won't require users to rush from site to site changing their passwords nevertheless it does give hackers another way of attack they might use to consider over computers or cellular devices.

What is Shellshock?
Shellshock is really a mistake inside the code of any program called Bash, that is typically placed on non-Windows os's for example Mac, Unix and Linux. The bug allows hackers to deliver commands to your computer with no admin status, allowing them to plant malicious software within systems.

My system already infected? How to check?
Please follow instruction below to check your system
1. Open up Terminal
2. Type env check='Not vulnerable' x='() { :;}; check=Vulnerable' bash -c 'echo $check'
3. If your system not infected, you will see the message  Not vulnerable If yes will see the message Vulnerable

How to fix?
For Mac user, Apple has released a patch, you can download for MavericksMountain Lion and Lion then install on your computer.

Written by : Chio Chyo ~Home Work

Blog, Updated at: 9:47 AM

0 comments:

Post a Comment