Update on Shellshock Patch Progress for Mac OS X
In yesterday’s post, I reported there is a vulnerability within the bash shell commonly used in Mac OS X, Unix, and some Linux distributions.
Today, CNET.com–citing a statement from Apple–stated that this vulnerability is only a major concern if your machine runs programs that then run bash to perform certain tasks and that most casual Mac users will have little to worry about:
“Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems,” it continues. “With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.”
If your system does require a patch, there is progress on an advanced workflow methodology by using a combination of Apple’s Xcode (if installed on your iMac) with step-by-step instructions available through the collaboration site, StackExchange. Currently, Network Services here on campus are already working on a fix for any outward-facing servers.
For more information, check on this article from CNET.com