Recently security experts discovered a bug effecting OS X (Mac), Linux and Unix operating systems. This serious bug, Shellshock, was found in these systems that use the Bash command. Different network equipment use different types of Linux making them vulnerable to this bug as well which would effect millions of people. The level of this bug has been rated 10 out of 10 by Cybersecurity agency, Rapid7, because of how easy it is to execute. It is even rated higher than the previous Heartbleed bug effecting OpenSSL.

The Shellshock allows for hackers to gain complete control of these systems which is a bit different from the Heartbleed bug which just allowed hackers to steal data.

What can I do?

The latest patches make the bug more difficult to execute, but does not fix the bug. If you have one of the effected operating systems the best thing you can do is keep your system up-to-date, but Apple has not yet released an update for OS X. Apple did recently announce, however, that OS X users are not at risk by default. So just don't go enabling any advanced Unix options until this is patched.

Security Appliances Effected

If your router or firewall uses Unix, which many do, then those are also effected and hackers could gain control and access your network. Most of our customers use SonicWall and Meraki for security and the manufacturers have announced they are not effected.