A new virus called “Shellshock” could affect hundreds of millions of computers, servers, and devices. It targets a software component called “Bash” which is part of many Linux systems as well as Apple’s Mac operating system.
The bug can be used to remotely control just about any operating system on a Bash-based device.
Experts analyzing the potential severity of this virus suggest it could be worse than the Heartbleed virus discovered in April. That’s because Heartbleed simply let the hackers peek into systems to gather information; Shellshock, on the other hand, gives the hacker direct access to the system itself.
What’s more, it was believed 500,000 machines worldwide were vulnerable to Heartbleed. Early estimates, which many experts are calling conservative approximations, have the potential impact of Shellshock at 500 million machines the world over.
So wherein lies the problem? Many web servers are run using the Apache system. One of the components that makes Apache run is Bash.
Bash, which stands for Bourne-Again Shell, is a command prompt on most Unix-based computers. For those unfamiliar, Unix is a foundation operating system upon which other OS’s are built, including Linux and Mac OS.
The potential harm that Shellshock could dole out led to the U.S. Computer Readiness Team to issue a warning about the bug, urging system administrators to apply patches as soon as possible.
Cybersecurity specialists Rapid7 rated the Bash bug a 10 out of 10 for severity, but low on complexity — meaning it’s a relatively easy vulnerability for hackers to capitalize on.
The group concluded that anyone with systems using Bash should deploy a patch immediately.
For PC users, it’s been suggested that individuals keep an eye on manufacturer websites for updates, especially for hardware like broadband routers.
Story via BBC
Advertisement
Learn more about Electronic Products Magazine
