Are you in Shellshock?

By - October 2, 2014

Are you properly protected against a recently reported critical vulnerability in the Bourne again shell, simply known as BASH? Where do you even start? According to this article, “It is best to assume your Linux, Unix, MacOSX systems and many networking devices are vulnerable….”

The vulnerability likely exists in almost any networked system, affecting web servers, servers, routers, desktop computers (including Macs), and other devices running BASH versions up to 4.3. The likelihood and subsequent impact of this risk is high, so the potential of this vulnerability being exploited is severe.

This bug was introduced through a programming error by developers over 25 years ago, but only recently was the vulnerability discovered and made highly public.

RSM’s National Security and Privacy team is actively working with clients to resolve this issue.   Due to the widespread and growing nature of this vulnerability, information is changing rapidly. Testing protocols are available. For additional recommendations and information regarding next steps check out–Shellshock (BASH Vulnerability) may allow compromise of your data.

Receive Posts by Email

Subscribe and receive notifications of new posts by email.