‘Shellshock’ bug may affect as many as 500 million machines

So we’ve been busy since yesterday, and again today, applying patches to all of our servers (and there are quite a few, including some legacy servers for clients where patches were not so simple to apply). This Shellshock bug has the potential to affect 500 million or more machines. To put that into perspective, the “Heartbleed” bug was expected to affect 500,000 machines; this one is 1,000 times the size.

It is being called ‘Shellshock’ because it affects the Unix shell command ‘bash’, which stands for ‘Bourne Again SHell’. A shell is the command line processor in a Unix operating system, similar to the command or DOS prompt in Windows.

The first patches that came out yesterday were superseded by replacement patches issued today. Many of our servers auto-applied the patch; others had it pushed to them (not all machines download and update at the same time, and many don’t have auto-updates configured).

http://krebsonsecurity.com/2014/09/shellshock-bug-spells-trouble-for-web-security/
https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability

US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.


The flaw was originally assigned CVE-2014-6271, but it was later discovered that the patch had an issue in the parser and did not fully address the problem. MITRE later assigned CVE-2014-7169 to cover the remaining problems after the application of the first patch.


US-CERT recommends users and administrators review TA14-268A, Vulnerability Note VU#252743 and the Redhat Security Blog for additional details and to refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch. A GNU Bash patch is also available for experienced users and administrators to implement.
Operating systems with updates include:

So, if you run any Linux or Unix-based system (including Mac OS X), be on the lookout for a patch or patches for the command “bash” and apply them immediately. Even if you’re behind a firewall, a single infected machine (even a Windows one) is enough: the bots these criminals load can be configured to hunt for vulnerable machines inside your network. It only takes ONE machine with an unrelated infection on your network.
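Because the first patch was incomplete, “a patch was applied” is not the same as “both CVEs are fixed”. The script below is an added self-check written for this post (not code from the original post or from any vendor advisory): it runs the two widely published local test cases for CVE-2014-6271 and CVE-2014-7169 against whichever `bash` is first on PATH, and assumes `env`, `mktemp` and a POSIX `sh` are available.

```shell
#!/bin/sh
# Added example: local Shellshock self-check for the two CVEs named above.
# Each check prints one word, "patched" or "VULNERABLE", and returns 0 or 1
# (2 and "no-bash" if no bash binary is found on PATH).

# CVE-2014-6271: a function definition exported through the environment
# must NOT execute the commands that follow it when bash starts.
check_cve_2014_6271() {
    command -v bash >/dev/null 2>&1 || { echo "no-bash"; return 2; }
    out=$(env x='() { :;}; echo vulnerable' bash -c 'echo test' 2>/dev/null)
    case "$out" in
        *vulnerable*) echo "VULNERABLE"; return 1 ;;
        *)            echo "patched";    return 0 ;;
    esac
}

# CVE-2014-7169: the incomplete first patch left a parser bug. On an
# unpatched bash this test drops a file named "echo" into the working
# directory, so run it inside a throwaway temp directory and look for it.
check_cve_2014_7169() {
    command -v bash >/dev/null 2>&1 || { echo "no-bash"; return 2; }
    dir=$(mktemp -d) || { echo "no-tmpdir"; return 2; }
    ( cd "$dir" && env x='() { (a)=>\' bash -c 'echo date' >/dev/null 2>&1 ) || true
    if [ -e "$dir/echo" ]; then
        rm -rf "$dir"; echo "VULNERABLE"; return 1
    fi
    rm -rf "$dir"; echo "patched"; return 0
}

# Human-readable summary for a patch-day checklist.
shellshock_report() {
    printf 'bash: %s\n' "$(bash --version 2>/dev/null | head -n 1)"
    printf 'CVE-2014-6271: %s\n' "$(check_cve_2014_6271)"
    printf 'CVE-2014-7169: %s\n' "$(check_cve_2014_7169)"
}

shellshock_report
```

Run it again after every bash update; a host that reports VULNERABLE on either line still needs the vendor's replacement patch.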

Happy Friday… and happy patch day…
