System administrators who spent last week making sure their computers are patched against Shellshock, a critical vulnerability in the Bash Unix command-line interpreter, will have to install a new patch that addresses additional attack vectors.
The Shellshock vulnerability was originally discovered by Akamai Technologies security researcher Stephane Chazelas and can be exploited in several ways to remotely execute code on systems like Linux and Mac OS X that use Bash as their default shell.
The fact that the bug has existed in Bash for many years and that Linux is used on a wide variety of devices from servers to industrial equipment and embedded electronics, means that the flaw’s impact is potentially very large.
To read this article in full or to leave a comment, please click here