large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Shellshock Bash bug could affect millions of Mac and Linux systems

A major new bug has been discovered that could affect millions of Apple Mac and Linux computer systems.

The flaw in question, which has been given the name Shellshock, has been discovered in a Unix command shell known as Bash. This is present in Apple’s Mac OS X as well as any system based on the Linux platform.

The bug enables an attacker to remotely control any unprotected system that runs the Bash code. As such, it could be even more serious than the much-publicised Heartbleed bug that came to light earlier in the year.

Not only does does the Bash flaw offer complete outside control of systems to an attacker, but far more people are thought to be susceptible than they were to Heartbleed.

While Heartbleed affected around 500,000 users, some estimates number those machines at risk of the Bash exploit at upwards of 500 million. Also of concern is the relative ease of exploiting the Shellshock bug, with just three lines of code required.

Individual computers protected by a firewall shouldn’t have too much to worry about, but the big concern here is the many web servers that run the Apache system, which means that they are open to the Bash exploit. It also means that there’s very little home users can do about it.

The advice to home users worried about vulnerability is to keep an eye out for any software updates for your system – especially for your broadband router – and to ensure that those updates are installed as soon as they appear.

Read More: Heartbleed – a simple guide to staying safe

Via: BBC News, Independent

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.