The A List Apart Blog Presents:

Shellshock: A Bigger Threat than Heartbleed?

Article Continues Below

Time to update those Linux servers again. A newly-discovered Linux flaw may be more pervasive, and more dangerous, than last spring’s Heartbleed.

A newly discovered security bug in a widely used piece of Linux software, known as “Bash,” could pose a bigger threat to computer users than the “Heartbleed” bug that surfaced in April, cyber experts warned on Wednesday.

Hackers can exploit a bug in Bash to take complete control of a targeted system, security experts said. The “Heartbleed” bug allowed hackers to spy on computers, but not take control of them.

“Bash” Software Bug May Pose Bigger Threat Than “Heartbleed”, Re/code

This new vulnerability, being called Shellshock, has been found in use on public servers, meaning the threat is not theoretical. A patch has been released, but according to Ars Technica, it’s unfortunately incomplete.

2 Reader Comments

Got something to say?

We have turned off comments, but you can see what folks had to say before we did so.

More from ALA

Nothing Fails Like Success

Our own @zeldman paints the complicated catch-22 that our free, democratized web has with our money-making capitalist roots. As creators, how do we untangle this web? #LetsFixThis