A new exploit is starting to rear its ugly head – and it affects the ubiquitous Unix command shell package, Bash.
A security team at software developer Red Hat discovered the exploit which affects Linux and Mac OS X users. If the shell is accessed through the right channels, a hacker can insert executable code into other parts of the software. As a result, despite the desire of researchers not to overplay the problem, it’s been nicknamed “shellshock”.
“A significant vulnerability called Shellshock has emerged that impacts approx. a half billion web servers and other Internet-connected devices including mobile phones, routers, medical devices,” according to the threat defence experts at Trend Micro.
The folks over at Trend Micro have made a handy infographic to explain things a little bit better:
[Header image – Day 342 – CC by 2.0/Christophe Verdier]