You may have heard about the Shellshock bug, the latest Internet security issue to make waves on news and tech sites throughout the web. Security experts are saying it has the potential to be bigger than the Heartbleed security flaw. What you might not understand is what the bug is and what its discovery means for you. Fortunately, we have laid out the details to help you be more informed about this issue.
What is the Shellshock bug?
A bug is the term used for an error in the code of software. This particular bug is a vulnerability that was discovered in the Bourne Again Shell (BASH), which is part of many operating systems including Linux, Unix and Apple’s OSX. While BASH can be found on some Windows and Android systems, it is not likely to cause any issues with these because it is not used by default. Unlike the Heartbleed bug, which only let attackers access and view information from vulnerable systems, Shellshock has the potential to let attackers take control of a system if exploited.
Who does this bug affect?
The good news: Windows systems are not affected by this bug. That should come as a relief to PC owners, who are probably used to being the target of viruses and hackers.
The bad news: If you have an Apple Mac computer that is running OSX, you are vulnerable to this bug. So far, iOS devices like iPods, iPads and iPhones haven’t been found to be at risk, but it’s still better to be careful since more information is developing as computer experts work to figure Shellshock out.
Security expert David Longenecker also pointed out that many systems beyond personal computers use BASH and are potentially vulnerable to exploitation. Some of the products you may own include audio/video camera systems (such as baby monitors), networked file storage devices and routers as well as other wireless access points.
What can I do to stay safe?
OSX users should download and install the patch. Apple has set up a page on its support website where you can download a patch which will fix the Shellshock security flaw. Once you download and install this patch, you should be okay. That being said, it is important to also pay attention to the news in the weeks to come in case further problems are discovered and another patch is released.
Always use a protected, trusted Internet connection. It’s important to ensure any products you own which are connected to the Internet are secured, and that you use only a trusted connection with them. Don’t use public or unsecured Wi-Fi connections if you can, and always use a strong password to protect your home and work networks.
Don’t panic. Until more is known about how this bug may or may not affect the average person, you should remain alert but not alarmed. At the moment, large businesses that need to scour their systems for the vulnerability and get it fixed are facing the biggest challenge in all of this, as they will be the main targets of the flaw.