VisiCom Services Blog

VisiCom Services has been serving the Rochester Hills area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Caution: New Bash Bug Vulnerability Might Leave You with Shellshock

b2ap3_thumbnail_bash_bug_vulnerability_400.jpgFor users of Unix-based operating systems, there's a new threat on the loose. The vulnerability, promptly called the Bash bug, or "shellshock," is targeting systems equipped with Linux and Mac OS X. The bug allows remote users to execute arbitrary code within the operating system.

The Bash shell, commonly called the "Bourne again shell," has been a consistent feature for Unix-based operating systems for over 20 years. The official security blog at RedHat elaborates how the bug in the Bash shell is taken advantage of:

In Linux, environment variables provide a way to influence the behavior of software on the system. They typically consist of a name which has a value assigned to it. The same is true of the Bash shell. It is common for a lot of programs to run bash shell in the background. It is often used to provide a shell to a remote user (via ssh, telnet, for example), provide a parser for CGI scripts (Apache, etc) or even provide limited command execution support (git, etc).

Complications can occur if the source code behind environmental variables has been altered before the bash shell is summoned. This allows arbitrary code to be disguised inside software and masquerade as something legitimate, when in reality the threat is hidden within programs and can alter the functions of the software. The most concerning way of exploiting this bug is to allow remote users to execute malicious code within the system. Due to the incredible amount of software out there which utilizes the bash shell, the potential damage this bug can cause is devastating.

Ever since the bug was revealed, hackers have been flocking to take advantage of it. There have already been several attacks utilizing the vulnerability, including denial of service attacks and botnets. Researcher Robert Graham has already detected 3,000 systems vulnerable to the bug, and estimates that the actual number of operating systems which could be attacked are several times greater. In a Twitter post, Graham says, "I think I was wrong saying that Shellshock was as big as Heartbleed. It's bigger."

Top security researchers are concerned, and you should be too, especially if you use Linux or Mac OS X on your business's networks and servers. Even if you don't, Bash script is used on a lot of mobile software, putting most Internet of Things technology at risk of compromise. In fact, the threat is so huge that the United States Computer Emergency Readiness Team (US-CERT) has issued an alert to the masses: download the patch before the Bash bug infects your systems. The last time the US-CERT issued an "alert" on their official security website was for the Backoff Point-of-Sale malware, which targeted sales terminals and stole credit card numbers from plenty of individuals across the globe.

Patches are coming in slow and steady, but they aren't enough to keep up with the bug. While patches have been issued, the are not complete. However, RedHat still suggests that you use the partial patch until the complete one has been released. VisiCom Services can help your business take advantage of the patch, and we can offer you assistance with protecting your business's network from the attack. Just call us at 248.299.0300.

Comments

 
No comments yet
Already Registered? Login Here
Guest
Wednesday, 16 October 2019
If you'd like to register, please fill in the username, password and name fields.

Sign Up For Our Newsletter

Powered by ChronoForms - ChronoEngine.com

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Tip of the Week: Tip of the Week: Mirror or Cast Your Android Device’s Screen
14 September 2017
Usually I don't refer spending time like these categories subjects and website but really the blog w...
Tip of the Week: 4 Google Chromecast Features that May Surprise You
05 September 2017
I’m really satisfied to find this site.I need to thank you only for this brilliant read!!I unquestio...
Microsoft OneNote May Be the Best Note-Taking Tool on the Market
27 June 2017
I blog frequently and I really value your substance. The article has really crested my advantage. I ...

Latest Blog Entry

16 October 2019
Visicom Blog
Security
Most people know what a URL is. It’s the address of a website, typically starting with http:// or https://, and it is essentially the location of a web page or application that can be accessed through...

Latest News

Contact Us

Learn more about what VisiCom Services can do for your business.

callphone

Call us today    248.299.0300

2534 S Rochester Road
Rochester Hills, Michigan 48307

#