The Connection, Inc Blog

The Connection, Inc has been serving the New Jersey area since 1992, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Alert: Don’t Get Hit with Shellshock by the New Bash Bug

b2ap3_thumbnail_alert_bash_bug_400.jpgA new malicious threat in the technical marketplace has just been discovered. The bug, dubbed the Bash bug, or "shellshock," is on the loose for users of Unix-based operating systems, like Linux or Mac OS X. It allows the execution of arbitrary code on affected systems, and could potentially be very dangerous for your business. In fact, CNet is calling it "bigger than Heartbleed."

Bash, which is commonly referred to as "Bourne again shell," is a staple feature of most utilities in Unix-based operating systems. RedHat's official security blog details the nature of the bug in the Bash shell:

In Linux, environment variables provide a way to influence the behavior of software on the system. They typically consist of a name which has a value assigned to it. The same is true of the Bash shell. It is common for a lot of programs to run bash shell in the background. It is often used to provide a shell to a remote user (via ssh, telnet, for example), provide a parser for CGI scripts (Apache, etc) or even provide limited command execution support (git, etc).

The problem is found in the environmental variables with specific values being used before the bash shell is summoned. These variables can contain code which is executed as soon as the bash shell is called. The name doesn't matter, so the content could be disguised as another, non-malicious variable. The most concerning vulnerability this bug provides is the ability for remote users to execute malicious code before the bash shell is activated.

Attacks have already been reported utilizing this vulnerability for a number of functions, including denial of service attacks and password-guessing bots, which randomly input poor password choices on unprotected servers. Researcher Robert Graham has located at least 3,000 systems vulnerable to the bug with a fairly specific search, and it is estimated that several times more machines could be vulnerable to this bug. This makes the threat very real, and if you use Linux or Mac OS X, your business's networks and data are at risk.

The threat is such a big deal that the United States Computer Emergency Readiness Team (US-CERT) has warned the public to download the patch before it infects their systems. To put it in perspective, the last vulnerability to make "Alert" status was the Backoff Point-of-Sale malware discovered in late July this year, which was able to steal sensitive information through sales terminals across the world.

While a patch has been released, it doesn't fix all vulnerabilities presented by the bug. However, it is still recommended by RedHat that you acquire the partial patch until the complete one has been issued. For help acquiring the patch, call The Connection, Inc at (732) 291-5938. We'll apply it remotely so you have to worry as little as possible.

Tip of the Week: How to Reorganize Your IT Infrast...
Are You Sure Your Former Employees Won’t Stab You ...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, 22 December 2024

Captcha Image

Blog Archive

Mobile? Grab this Article

QR Code

Free Consultation

team work

Interested in seeing what we can do for your business? Contact us to see how we can help you!

Sign Up Today!

News & Updates

The Connection, Inc. Celebrates 32 Years as a Trusted Technology Provider!   Since our founding in 1992, technology and the way we operate and do business has changed a lot. Companies that have adapted and aligned themselves with ...

Contact us

Learn more about what The Connection, Inc can do for your business.

The Connection, Inc
51 Village CT
Hazlet, New Jersey 07730