New Software Bug Has Potential to Affect Hundreds of Millions of Computers
The bug can be used to remotely take control of almost any computer system. Experts say this could be more serious than Heartbleed.
A dangerous bug has been found in a software component called Bash, commonly used in Linux systems and in Apple’s Mac operating system. Dubbed shellshock, the bug can be used to remotely take control of almost any computer system, and according to a report by BBC News, some experts believe this bug may be more serious than Heartbleed, discovered in April.
Prof Alan Woodward, a security researcher from Surrey, told the BBC, “Whereas something like Heartbleed was all about sniffing what was going on, this was about giving you direct access to the system. The door’s wide open.”
Experts estimate that Shellshock could hit 500 million machines. The problem is even more serious because many web servers use the Apache system, which uses the Bash software component. Bash stands for Bourne-Again-SHell and it’s a command prompt on many unix computers. Unix is an operating system on which other operating systems like Linux and Mac OS are built off.
The U.S. Computer Emergency readiness Team (US-Cert) is warning people about Shellshock and urging administrators to apply patches. However, some security researchers say patches are incomplete and will not fully secure systems.
According to an analysis by Mark Ward, a technology correspondent for the BBC, Shellshock rates a 10 on the vulnerability scale, but it is still too early to know how widespread its effect might be.
If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century
This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!