Last week saw major news sources comment on the recent discovery of the Bash bug, also known as Shellshock, which raised security concerns across the Internet. Earlier this year the Hearbleed bug was estimated to have potentially impacted nearly 2/3 of the world’s servers; Shellshock may have a much larger and widespread impact.
The flaw affects machines running UNIX, Linux, and even Apple’s OSX. Unfortunately this bug is mainly affecting servers so unlike Heartbleed, this is something that is out of a user’s hands, and server admins will need to patch their system to be up-to-date.
Late last week Apple released at statement that said most of their devices should not be vulnerable due to configuration settings. It was also reported that within hours of the announcement of the Bash bug, some hackers were inserting malware into servers to create botnets, often used in DDoS attacks.
Well how did all of this affect Priority Data and their web-based services?
Here at Priority Data, our web-based solutions were completely unaffected by the Bash Bug. In order to be affected by Shellshock, the servers must be using the UNIX, Linux or an Apple OS. At Priority Data, the type of servers we used were not impacted. We did an additional assessment and no systems at Priority Data have been impacted by Shellshock. However, other services that you use may be impacted. It is advised to always keep your devices up-to-date with the latest software manufacturer patches.