IT is on high alert to deal with a fault in the BASH command interpreter found on Unix OS variants that could allow a hacker to take control of the computer. Apple is one of the first vendors to respond, releasing an update to its Unix based Mac OS X to address the vulnerability.
Dealing with this bug, appropriately nicknames “Shellshock”, has become an urgent issue for IT because a high percentage of enterprise servers and web servers may be vulnerable.
It is important to note that Windows servers and desktops are not impacted.
Who’s Vulnerable to BASH Shellshock?
Every computer that has BASH installed could be exploited, assuming they are connected to the Internet and have certain software turned on. That could include all Unix servers, Linux servers and desktops, Android devices and Macs.
However, the working assumption now is that only the server are likely to be vulnerable because they are the only ones that would have a reason to turn the relevant software on.
Individuals with Linux and Mac desktops or Android devices should be safe. Right?
If your desktop or device connects to a server through the Internet it is at least possible that a compromised server could reconfigure you BASH so that it becomes controllable. The safest thing to do is to apply all vendor OS updates as soon as available to address BASH.