Go
or browse by category
    All Articles Mac OSX
    Shellshock Vulnerability: Easy Security Check For Your Mac
    Martin Sitter on Thu, September 25th 1 comments
    Language
    Your Apple computer is probably susceptible to the Shellshock vulnerability. Use this simple check to see if you're computer is vulnerable ...
    Shellshock is a bug in UNIX that affects Mac OS. You can quickly check to see if your computer is vulnerable by running this command in Terminal:



    env x='() { :;}; echo vulnerable' bash -c 'echo hello'




    shellshock terminal command line prompt

    Oh shoot ... my laptop is vulnerable. Please Apple, put out an OS update soon ...


    If your computer returns "vulnerable" after you run the command ... well, the answer is obvious. And there's not much you can do about it other than turning on your built-in firewall and hoping for the best.

    Security & Preferences Firewall

    Visit System Preferences > Security & Privacy Pane and turn on your firewall!  I use it always ... 


    You can also be proactive in protecting yourself: until Shellshock is patched, you should avoid using open networks in public spaces. You're quite safe using the internet at home or your office ... no need to panic. It's difficult for people to exploit Shellshock if they're not on your network. 

    While this bug isn't per-se Apple's fault (it affects UNIX itself, which Mac OS is built on), they still need to fix it quickly. Check your Software Updates soon as I'm sure it will be fixed soon ... though as of writing there's no security patches available for OS 10.9 Mavericks or below.


    How to find terminal application

    Command-Spacebar and search for "Terminal" to quickly launch it. Don't try directory-diving to find this well-hidden application.




    Related
    Martin Sitter
    Martin Sitter is the Founder of NonLinear Educating Inc., and the CEO of macProVideo.com, AskVideo.com, and Ask.Audio. Martin started out as a DJ and Record Producer in the 90s. At the turn of this Century, Martin was recruited by Apple Computers to design and author their Official Software Training Curriculum for Logic, Soundtrack Pro, and DVD Studio Pro. Martin wrote the Original Apple Pro Training series books for the above topics. He's also a best-selling technical author of over a dozen books, spanning various topics in audio and video editing & design.
    Comments (1)

    You must be logged in to comment.

    • pointadnb
      $ mkdir bash-fix $ cd bash-fix $ curl https://opensource.apple.com/tarballs/bash/bash-92.tar.gz | tar zxf - $ cd bash-92/bash-3.2 $ curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052 | patch -p0 $ cd .. $ xcodebuild $ sudo cp /bin/bash /bin/bash.old $ sudo cp /bin/sh /bin/sh.old $ build/Release/bash --version # GNU bash, version 3.2.53(1)-release $ build/Release/sh --version # GNU bash, version 3.2.53(1)-release $ sudo cp build/Release/bash /bin $ sudo cp build/Release/sh /bin
      • 4 years ago
      • By: pointadnb
      Reply
    Related Articles
    Feedback
    Course Advisor
    Don't Know Where To Start?
    Ask A Course Advisor
    Ask Us!
    Copy the link below and paste it into an email, forum, or Facebook to share this with your friends.
    copy
    Make money when you share our links
    Become a macProVideo.com Affiliate!
    The current affiliate rate is: 50%
    Sign Up
    Classes Start Next Week!
    Live 8-week Online Certification Classes for: