Home New Security Flaws Render Shellshock Patch Ineffective

New Security Flaws Render Shellshock Patch Ineffective

Your system is still vulnerable to the Shellshock bug, even if you’ve patched it. Security researchers have found new flaws in bash, rendering previous patches ineffective.

See also: How To Detect And Patch This Big, Bad Unix Bash Shellshock Bug

The bash shell is an omnipresent command-line interpreter used by default in Unix and Linux, and by extension, Apple’s OS X software. The shell itself is decades old, and it turns out the bug has been present for the last 22 years without detection.

Linux stewardship company Red Hat released a series of fixes to patch up the eight or so versions of bash that were vulnerable. On Friday, Red Hat released a second round of patches to resolve newly discovered security flaws, and those discoveries keep coming.

See also: The Bash Bug Makes Every Mac Vulnerable; Here’s How To Patch It

Google security researcher Michal “lcamtuf” Zalewski has been tweeting as he uncovers increasingly serious vulnerabilities in the bash shell. He recommends Red Hat security researcher Florian Weimer’s still-unofficial patch.

https://twitter.com/lcamtuf/status/516297412579581952

Shellshock exploits are spiking with the development of “wopbot,” the first botnet designed specifically to target the bash bug. 

At the moment, the only people who need to worry about patching the Shellshock bug right away are system administrators and people who have tweaked the advanced Unix settings on machines running OS X or Linux.

“The vast majority of OS X users are not at risk to recently reported bash vulnerabilities,” Apple said.

Photo via Shutterstock

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.