Last week, reports surfaced that a new widespread security vulnerability affecting numerous users had been discovered. It's called Shellshock, and it has actually been around for a while. Is it a cause for some concern? Sure. Does it justify mass hysteria? We don't think so.
What is Shellshock?
Shellshock is a bug that affects a good number of computers, servers, applications, and services. The most common operating systems affected are Linux and Mac OS X. Essentially, the Shellshock bug could potentially allow hackers the ability to gain access to and/or install malware on affected machines.
I have a Mac, does that mean I'm at risk?
Yes, technically, but the risk is small, based on how most Macs interact with the network. However, Apple has released an update to address this vulnerability. So, if you have a Mac, we recommend applying all the latest updates, like you would under normal circumstances.
What else is at risk?
The Linux operating system is pretty widespread, so there are a number of devices and services out there that have the Shellshock vulnerability. Thankfully, though, most reputable vendors are releasing firmware updates and security patches to address the issue.
And, if you're a client of 3n1media, rest assured that we are on the lookout for devices and services that need to be updated to remove the vulnerability. We are systematically updating our hosted services, and we will do the same for our clients.