Print

Print


To all IT Professionals:

Apple has released a patch for Shellshock (Bash Vulnerability), see details below:

http://krebsonsecurity.com/2014/09/apple-releases-patches-for-shellshock-bug/



Apple has released updates to insulate Mac OS X systems from the dangerous "Shellshock" bug<http://krebsonsecurity.com/2014/09/shellshock-bug-spells-trouble-for-web-security/>, a pervasive vulnerability that is already being exploited in active attacks.

[osx]<http://krebsonsecurity.com/wp-content/uploads/2014/09/osx.png>Patches are available via Software Update, or from the following links for OS X Mavericks<http://support.apple.com/kb/DL1769>, Mountain Lion<http://support.apple.com/kb/DL1768>, and Lion<http://support.apple.com/kb/DL1767>,

After installing the updates, Mac users can check to see whether the flaw has been truly fixed by taking the following steps:

* Open Terminal, which you can find in the Applications folder (under the Utilities subfolder on Mavericks) or via Spotlight search.

* Execute this command:
bash -version

* The version after applying this update will be:

OS X Mavericks:  GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin13)
OS X Mountain Lion:  GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin12)
OS X Lion:  GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin11)

Please update your associated Mac OS X version accordingly.

Mike


Michael Rutt | Sr. Security Analyst | [log in to unmask]<mailto:[log in to unmask]> | 402-472-0933