How many of you remember the Heartbleed bug? Now, a bug has been discovered that could make Heartbleed look like child’s play.
In the last 24 hours, a bug called Bash, some call it Shellshock, has been disclosed. The are several reasons computer security experts are concerned. It can interact and mingle with other software suddenly and unexpectedly. Things like Internet-enabled cameras are especially venerable. Bash is a bug that has been around for a long time, unlike Heartbleed. So older machines are further at risk. Heartbleed can only hit new machines, which could be easily patched. Bash can infect old machines and systems, which can’t be patched. That’s what makes it potentially more potent than Bash. Now that’s the bad news. But there’s no need to panic or rush to fix this new bug. So far, security experts say no primary service has been hit and primary services aren’t venerable. But you should scan your networks for old versions, especially Apache.
This is what I meant when I said Bash, or Shellshock, could make Heartbleed look like child’s play, I’m not trying to spread panic or fear. I just believe it’s our duty to report potential dangers as we see it, and to tell people what they can do to remain safe. For example, if you saw an oncoming car approaching a loved one, wouldn’t you do what you can to get him or her out of the way? But this sounds like a good time to patch new systems and get updated versions of old machines and systems. This has been a security alert: bash bug message. What can you do to keep your machine safe?