A French IT manager recently discovered a flaw in the way millions of devices communicate across the internet. The bug is found in “bash,” which is a program that translates human-readable commands into a language readable by the computer’s operating system. This bug affects any device that can connect to the internet and uses the operating systems Linux, Apple’s iOS, and some devices that use Android and Windows. Devices with the bash shell use the program to run simple commands, but also look to the program for additional information for the command, such as the device type or web browser. PC Magazine refers to this attack as “a classic code-injection attack,” meaning that if the attacker can obtain a piece of code, they would just have to change some of the commands and be able to take complete control of the machine. Cybersecurity experts are rating this exploitation a “10” and saying the severity is “catastrophic.” Businesses, universities, hospitals, and other organizations with large networks are scrambling to fix this issue.
Many of the popular Linux distributions have already come out with a patch for this issue, and others are working on it. Apple is also working on the issue and is expected to release a patch over the next few days. Although not many systems have been affected to date, it is estimated that this attack will become worse than the Heartbleed attack earlier this year, when millions of hospital records were stolen, including social security numbers.
A general overview of this attack can be found on CNN’s website, and a more technical, in-depth article can be found on PC Mag’s website.
Loyola’s ITS department is already in the process of patching all systems that are affected by this vulnerability.
This article will be updated once more information is released, including patch releases, affected systems, and other solutions.
Update: As of last week, many Unix patches have been released to solve the largest bash issue, but since then, other issues have been found and patched. Apple released a statement saying that most users will not be affected, but that may not be the case. Apple noted that on many systems the default settings that protected against remote exploits were not changed, but if any users changed their system’s settings, they could be at risk. Google also released a statement that most Android users should not be affected since the operating system did not use bash. However, if the user or a corporation changed the software, since it is open-source, they could be at risk. Simply stated, not as many users may be at risk as initially suspected, but it is still suggested to keep an eye out for software updates on any potentially affected devices and for suspicious activity on your devices, as developers continue to monitor the issue and release patches to make systems resistant to this bug that has been around for years.