“The vast majority of OS X users are not at risk to recently reported bash vulnerabilities,” states the Apple public statement.”Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.“
“Oracle is still investigating this issue and will provide fixes for affected products as soon as they have been fully tested and determined to provide effective mitigation against the vulnerability,” states the Oracle Security Alert for CVE-2014-7169.
“The fixes that are available for immediate application by customers are listed in the Patch Availability Table. This Security Alert will be updated when fixes are available for additional affected Oracle products without sending additional emails to customers. Customers should check this page for updates.
Due to the severity, public disclosure, and reports of active exploitation of CVE-2014-7169, Oracle strongly recommends that customers apply the fixes provided by this Security Alert as soon as they are released by Oracle.”
On the Internet is also available an unofficial patch that fixes the Bash Bug, in a message sent to the Open Source Software Security (oss–sec) mailing list, the maintainer of Bash, Chet Ramey addressed the vulnerability and issued the patch.
(Security Affairs – BashBug, Oracle, Apple)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.