To all IT Professionals:

Apple has released a patch for Shellshock (Bash Vulnerability), see details below:

Apple has released updates to insulate Mac OS X systems from the dangerous "Shellshock" bug<>, a pervasive vulnerability that is already being exploited in active attacks.

[osx]<>Patches are available via Software Update, or from the following links for OS X Mavericks<>, Mountain Lion<>, and Lion<>,

After installing the updates, Mac users can check to see whether the flaw has been truly fixed by taking the following steps:

* Open Terminal, which you can find in the Applications folder (under the Utilities subfolder on Mavericks) or via Spotlight search.

* Execute this command:
bash -version

* The version after applying this update will be:

OS X Mavericks:  GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin13)
OS X Mountain Lion:  GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin12)
OS X Lion:  GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin11)

Please update your associated Mac OS X version accordingly.


Michael Rutt | Sr. Security Analyst | [log in to unmask]<mailto:[log in to unmask]> | 402-472-0933