Remember the Heartbleed security bug that wreaked havoc in 2013? Well, hold on to your computers because there’s another bug online, and analysts are saying that this one is much worse than Heartbleed.
This new security bug is called Shellshock or Bash, and it is a security flaw that is integral to a computer’s shell. This means that even Linux systems are vulnerable, which makes the bug even more dangerous than Heartbleed.
The most basic functions of Linux, UNIX and even OS X are at risk of being injected with random codes that can possibly be malicious. The Bash security bug will execute the code without running any verification on it.
The bug was discovered by Stephane Chazelas in the Bash command interpreter and it exposes websites, servers and even home routers to hackers. The Bash security bug is present in Bashup up to version 4.3. Ubuntu users can relax, though. The Dash cannot be infected by the Bash security bug, as Ubuntu is using Debian-derived systems.
Director of Threat Research at FireEye, Darien Kindlund, had this to say about the Bash security bug:
This bug is horrible. It’s worse than Heartbleed, in that it affects servers that help manage huge volumes of internet traffic. Conservatively, the impact is anywhere from 20 to 50 per cent of global servers supporting web pages. Specifically, this issue affects web servers using GNU BASH to process traffic from the Internet. In addition, this bug covers almost all CGI-based web servers, which are generally older systems on the Internet.
Fortunately security developers have already come up with a patch for the flaw. Are you worried about this Bash security bug? Do you think it will affect you? Drop us a line in the comment section below, we would love to hear your thoughts on this matter.