Security Experts Expect ‘Shellshock’ Software Bug in Bash to Be Significant

[InfoSec News <alerts () infosecnews org>]

http://www.nytimes.com/2014/09/26/technology/security-experts-expect-shellshock-software-bug-to-be-significant.html

By NICOLE PERLROTH
The New York Times
SEPT. 25, 2014

Long before the commercial success of the Internet, Brian J. Fox invented 
one of its most widely used tools.

In 1987, Mr. Fox, then a young programmer, wrote Bash, short for 
Bourne-Again Shell, a free piece of software that is now built into more 
than 70 percent of the machines that connect to the Internet. That 
includes servers, computers, routers, some mobile phones and even everyday 
items like refrigerators and cameras.

On Thursday, security experts warned that Bash contained a particularly 
alarming software bug that could be used to take control of hundreds of 
millions of machines around the world, potentially including Macintosh 
computers and smartphones that use the Android operating system.

The bug, named “Shellshock,” drew comparisons to the Heartbleed bug that 
was discovered in a crucial piece of software last spring.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/