Shellshock: the latest major computer bug
Shellshock has been described as a “deadly serious” bug, and “about as bad as it gets”. It has the potential to affect hundreds of millions of computers, servers and devices. It can be used to easily take remote control of almost any system using a software component called Bash.
Bash stands for Bourne-Again Shell. It is a command prompt on many Unix computers. Unix is part of many operating systems, including Linux systems and Apple’s Mac operating system, and a flaw in the software component has left users vulnerable to this bug. It allows hackers to send commands to a computer without having admin status of that computer. If exploited, it will give remote attackers direct access to people’s computers. In the words of a security researcher at the University of Surrey, “the door’s wide open”.
Early estimates have suggested that more than 500 million computers could be affected by Shellshock, which would make it far more serious than Heartbleed, which was discovered in April and affected around 500,000 machines. These early estimates are said to be conservative, so many more people could be affected. Many web servers are run using the Apache system, which also includes the Bash component, so there is the potential for a very large number of people to be affected.
Patches are available from the US Computer Emergency Readiness Team (US-Cert), who issued a warning about the bug. The patches are available here, but security researchers have already warned that they are incomplete and would not leave systems fully secure. Experts have warned it could take years to fix properly, as it affects a piece of code which is used across lots of systems.
If you have concerns about how your business might be affected by Shellshock, Heartbleed or any other bugs, please give ECL a call on 01268 575300 or visit our website.
ECL recognises that every client is different, and every client has a different IT support requirement. Whatever the size of your business, we can offer a support scenario to suit your needs.
Whether your business already uses Cloud services or you’re considering the Cloud as a possible way forward, talk to us first. We can provide anything from fully hosted IT infrastructures on our own ECL Private Cloud, to simple on-line backups. We can also give expert advice on Office 365 and other Cloud platforms.
How would losing access to your IT systems and data for days, or even weeks, affect your business? For many if not most companies this would be a nightmare scenario, with potentially very serious consequences.