Mac and Linux Computers Vulnerable to Shellshock, Said To Be Worse That Heartbleed

Mac and Linux Computers Vulnerable to Shellshock, Said To Be Worse That Heartbleed

by Pete Daniel on 26 September 2014 · 2452 views

2 full Mac and Linux Computers Vulnerable to Shellshock Said To Be Worse That Heartbleed

A new, far more dangerous threat to computer security has appeared which specifically affects Mac and Linux computers, but not Windows ones for a change. The threat has been rated 10 out of 10 by the United States Computer Emergency Readiness Group, part of the US Department of Homeland Security.

Whereas Heartbleed was a vulnerability that affected SSL security and already used passwords which could be largely resolved for users who swapped out their old passwords for new ones, Shellshock is entirely different in nature. Shellshock is about gaining direct access to a system remotely so that you can do whatever you want with it. Early estimates are that as many as 500 million computers globally could be affected.

The vulnerability relates to bash scripts that can be run from the command line on Linux distributions and Mac OS which is also fundamentally based around Linux too. As many computer servers including web servers are run using Linux operating systems because they're cheaper to supply, configure and maintain than Windows systems, the web hosting community may also be badly affected as well.

Mac servers are affected too but these have far less market penetration and are mostly centered around Mac-specific web hosts and larger web hosts that also offer Mac hosting as a speciality service to customers who want it.

Lose Control of Computers & Servers

Bash scripts can be used to completely take control of the server or computer under Linux or Mac. Web servers that host web sites are also often affected because many use the Apache web hosting software platform which also installs the bash component as standard.

Patches Released

The US Computer Emergency Readiness Team has urged both users and administrators to administer patches in order to plug this vulnerability and linked on their information page to four (CentOS, Debian, Redhat and Ubuntu) of the most popular Linux distributions that have already released fixes.

There are currently no known fixes for the Apple Mac OS X although this is thought to be in the works. There is some doubt by security researchers about whether the patches released to date actually do fix the vulnerability which has created even greater uncertainty for worried administators.

Why Windows Is Safe From This Threat

The reason Windows operating systems are not vulnerable to this issue is because Windows has its own command line system which doesn't work anything like the bash command line component which is included in Linux and Mac operating systems.

Cyber Threat

It is known that hackers are already scanning systems to check whether the system is still vulnerable to the threat. Cyber thieves essentially look for the low-lying fruit, easy hacks, rather than trying to gain access the hard way. Therefore, a known vulnerability like this which has yet to be patched is like a virtual open door for them to walk right through.

Code has been developed by certain hackers who have found a way to systematically scan for and use the vulnerability and this is now making the rounds in hacker forums on the internet. This development makes it even more important to patch systems as soon as update patches become possible.

Easier To Access That Other Vulnerabilities

This vulnerability is attractive to hackers with less experience as well because it is understood to be more easy to exploit. Gaining access and control to a system can include being able to see confidential information stored on the system and use that for financial gain.

Kaspersky Labs, a well known Russian security firm, have confirmed that they are starting to see exploits via the Shellshock vulnerability, web server infiltrations to install malware to collect confidential information from users of that server or web site hosted on that server, plus distributed hacker attacks using Shellshock as its basis.

It is already known that honeypot collective cyber attacks on the Akamai network attempted to flood their servers with nonsense data in an effort to knock them offline. In other cases, automated bots are being used to perform mass scanning of systems to determine whether they're vulnerable to Shellshock or not. Sometimes this is being done by security firms, whilst others times it is by hackers and hacker groups.

Other Hardware Vulnerable too

Broadband routers can also be hardware that is vulnerable and may need to be patched if it has a Linux based operating system.

Software Scan

Software like free Avast anti-virus package has a software scanner than can check for new updates to software that may be revised as a result of this vulnerability.

Single Point of Failure Risk

As it turns out, similarly to the central responsibility being under staffed and under funded with the Heartbleed threat, the Bash command line component is actually only the responsibility of one man. Chet Ramey, a developer at the Case Western Reserve University over in Ohio USA, is solely responsible for this key software component that is present on hundreds of millions of computers and servers around the world.

Such a critical software component should not be the responsibility of just one person when in this situation it makes key systems in the UK, US and Canadian national infrastructure vulnerable. Staff at large tech companies like Google, Amazon and Akamia have already begun issuing notices to their own staff and customers to update systems as fast as possible.

Comments (0)
Featured Articles