A List Apart

Menu
The A List Apart Blog Presents:

Shellshock: A Bigger Threat than Heartbleed?

Article Continues Below

Time to update those Linux servers again. A newly-discovered Linux flaw may be more pervasive, and more dangerous, than last spring’s Heartbleed.

A newly discovered security bug in a widely used piece of Linux software, known as “Bash,” could pose a bigger threat to computer users than the “Heartbleed” bug that surfaced in April, cyber experts warned on Wednesday.

...

Hackers can exploit a bug in Bash to take complete control of a targeted system, security experts said. The “Heartbleed” bug allowed hackers to spy on computers, but not take control of them.

“Bash” Software Bug May Pose Bigger Threat Than “Heartbleed”, Re/code

This new vulnerability, being called Shellshock, has been found in use on public servers, meaning the threat is not theoretical. A patch has been released, but according to Ars Technica, it’s unfortunately incomplete.

2 Reader Comments

Load Comments