Jump to content

Invite Scene - #1 to Buy, Sell, Trade or Find Free Torrent Invites

#1 TorrentInvites Community. Buy, Sell, Trade or Find Free Torrent Invites for Every Private Torrent Trackers. HDB, BTN, AOM, DB9, PTP, RED, MTV, EXIGO, FL, IPT, TVBZ, AB, BIB, TIK, EMP, FSC, GGN, KG, MTTP, TL, TTG, 32P, AHD, CHD, CG, OPS, TT, WIHD, BHD, U2 etc.

LOOKING FOR HIGH QUALITY SEEDBOX? EVOSEEDBOX.COM PROVIDES YOU BLAZING FAST & HIGH END SEEDBOXES | STARTING AT $5.00/MONTH!

Apple — Most Mac OS X Users Not Vulnerable to 'Shellshock' Bash Bug


Crypto

Recommended Posts

Apple-Mac-Vulnerable-Shellshock-Bash-Bug
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
On one hand where more than half of the Internet is considering the Bash vulnerability to be severe, Apple says the vast majority of Mac computer users are not at risk from the recently discovered vulnerability in the Bash command-line interpreter – aka the "Shellshock" bug that could allow hackers to take over an operating system completely.
 
Apple has issued a public statement in response to this issue, assuring its OS X users that most of them are safe from any potential attacks through the ShellShock Vulnerability, which security experts have warned affect operating systems, including Mac's OS X.

"

The vast majority of OS X users are not at risk to recently reported bash vulnerabilities

," Apple said. "

Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.

"

According to Apple, in OS X majority of users are considered to be safe so long as they haven’t configured any advanced access. Soon the company will also issue an OS X update to fix the potential hole, till then the OS X users are advised to make sure that they don’t enable any advanced UNIX options before the patch releases.
 
 

The critical vulnerability in the widely used Linux and Unix command-line shell, known as Bash or the GNU Bourne Again Shell, affects versions 1.14 through 4.3 of GNU Bash and is based on how Bash handles environment variables. By creating a function as part of the variable, it's possible to execute commands when the variable is evaluated.
 
The exploit reportedly affects most Linux- and Unix-based operating systems around the world, including OS X.
 
Researchers on Thursday also discovered that the ShellShock vulnerability has been exploited by the cyber criminals in the wild to take over Web servers as part of a botnet attack that is currently trying to infect other servers as well.
 
The Bash glitch has been described as more worse than the Heartbleed security flaw, discovered in April, that left all the information stored on data servers potentially vulnerable to hackers. Over 300,000 servers were still vulnerable to the most critical OpenSSL bug two months after the bug was first identified.
 
Users are advised to do not panic and avoid using advance services that can be exploited by the ShellShock vulnerability for quite sometime before the official patch for the issue is not released.
 
Till then, you may patch yourself using an unofficial patch that fixes the problem and claimed to completely addresses both vulnerabilities. In an email to the Open Source Software Security (oss-sec) mailing list, the maintainer of Bash, Chet Ramey addressed the vulnerability and issued the patch, but there is as of yet no official fix for the issue.

 

                       Add Rep and Leave a feedback

                      Reputation is the green button in the down right corner on my post

do you understand            if you having fun?                  it's a rising sun                           it's a man killing                              what's that feelin'

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Check out what our members are saying

  • Our picks

×
×
  • Create New...