comScore Check Your Mac, Linux Machine for Shellshock Vulnerability | The Mary Sue

There’s a Nasty Bug Affecting Mac, Linux, and Other Devices That Use Linux, Check to See If You’re Affected

Someone call Kernel Panic! Tech puns!

5908613920_4fe094daae_b

A vulnerability has just been detected in the Bash Unix shell that is used by Mac OS X computers, Linux machines, and various other devices like routers. The Bash Bug, also known as “Shellshock,” has been rated a 10 out of 10 on the Common Vulnerability Scoring System scale that’s the tech industry standard for scoring security threats—the Heartbleed SSL vulnerability only ranked a 5.

Luckily, the exploit was discovered by an open source software company called Red Hat. They immediately reported it as a security problem, so as long as it’s patched quickly enough, it shouldn’t cause any trouble despite its severity. Basically, it works by running strings of text as commands that sneak in at the end of other commands, according to RedHat’s detailed explainer.

Manufacturers are already releasing software patches for affected devices, so try to make sure that all of your electronics are up to date. Bash is a text-based command processor, so the vulnerability would give someone who used it to gain access to your system a variety of nasty things they could use it for by running commands and installing software.

A lot of Linux distributions have already patched the bug, and you can take a look at a guide on LinuxNewsPro on how to update and properly patch your own system. But you probably already did that, because you’re using Linux and are undoubtedly a mega tech geek who knew about this bug the second the news broke.

If you’re on a Mac, you can check to see if the version of Bash you have installed is vulnerable by running a test command with a string of text after it and seeing if that text runs as well. It looks something like this:

Screen Shot 2014-09-25 at 5.13.35 PM copy

What? No this isn’t from my machine, so don’t bother even trying. *nervous laugh*

If you’re not vulnerable, that command will return a warning and an error. Unfortunately, Apple hasn’t put out an official patch yet. There is a guide on how to update this yourself, but I’d recommend holding off for an official patch.

(via LifeHacker and Phys.org, image via Peter A. Shevstov)

Previously in computer bugs

Are you following The Mary Sue on Twitter, Facebook, Tumblr, Pinterest, & Google +?

Have a tip we should know? [email protected]

Filed Under:

Follow The Mary Sue:

Dan is a video game modding hobbyist and secret ninja who lives in North Carolina with his wife, Lisa Brown, and his dog, Liz Lemon, both of whom are the best.