Shellshock Security Threat is Worst Than Heartbleed

Last updated: 2015/09/02 at 2:04 PM

By Jazib Ali 9 years ago 9 years ago

5 Min Read

Have ever heard of heartbleed? Yes, then now came another worst security threat named Shellshock. Its a flaw of security in Bash, a program that runs millions of computers worldwide.

Bash programme is command shell which tell computer what to do. Shellshock is flaw in the bash software that allows hacker to take control of your computer and run any program or install anything on your computer by using commands. This means that hacker can access your personal information too.

Security expert Robert Graham said in his tweet that

I think i was Wrong, Shellshock was as big as Heartbleed. Its bigger.

Graham also told that this bug is dangerous for internet connected devices because there softwares are built using scripts. They are less likely to be patched and hence are more likely vulnerable.

Heartbleed was discovered in April and was from OpenSSL bug but this bug is even serious because it allows hackers to steal information from computers.

Lots of work is being done on this issue and many companies are working to develop patches for this vulnerability. It still is widely discussed and reportedly more bigger issue than that of heartbleed.

But there is good news for Windows users that it does not affects them much as it majorily is for Mac and other products because Windows do not on Bash.

Solutions:

Apple have released an update to patch OS X. It could not downloaded from store but is manually available from apple. Lion user can download update is here and Mountain Lion is here

According to apple these updates fixes first two common vulnerabilities and exposures (CVE) associated with shellshock or bash bug. If you are using any Mac based server than you should install these updates to protect yourselves.