Most OS X Users Safe Against the Bash Vulnerability

Posted on September 29, 2014 by .

Share and Enjoy:
Follow Me on Pinterest More More

In a response to users’ concern regarding the exposure of Mac OS X to the Bash vulnerability, Apple representatives stated that most Apple users shouldn’t be worried as their systems are not at risk. The company is working on a patch at the moment.

The experts say that the OS X systems are safe by default, unless the users decide to configure advanced UNIX services. For those customers, the company is working on a software update.

Compared to the UNIX and Linux users, OS X users are less exposed to the many exploits out there and the potential for a DDoS botnet consisting of computers compromised by the Bash flaw. According to analysts from the security firm Securosis, the Bash vulnerability affects OS X just like it does UNIX and Linux, but the OS X machines are less exposed to risk, because most of their deployments are not on web servers.

Early Linux Patches Deemed Incomplete. Apple Users Advised to Wait.

Users are advised to show a little patience and wait for the Apple patch instead of compiling one manually. The patches from the major Linux distributions like Ubuntu, Red Hat, etc., have been released too early and have been proven incomplete.

Bash is the default command-line shell in UNIX, Linux and OS X, and it’s required by numerous functions in those systems; some of them are not even in plain sight. Under those circumstances, the patching of the Bash bug can be quite a challenge.

The flaw is relatively simple to exploit, which allows cyber criminals to attach the malicious code remotely to an environmental variable, executed as Bash is called. The problem is the millions of home router, embedded devices, web servers, etc. invoke Bash calls. Among the most common ones are Apache servers that use mod_cgi or mod_cgid, or Git deployments over SSH.

Popularity: 4%


Leave a Reply

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word