'Bash' Security Flaw in OS X Allows for Malicious Attacks on Devices and Services
Security researchers from Red Hat have uncovered a new exploit in the common "Bash" command shell found in OS X and Linux which can be used to deploy malicious code with minimal effort. Due to the ubiquity of the Bash shell, the exploit can affect a wide variety of different web-connected devices and properties, including unsecured websites, smart home appliances, servers, and more.
Security researcher Robert Graham noted on his blog that the Bash exploit is "as big as Heartbleed," referring to the flaw discovered earlier this year in the popular OpenSSL software which secures connections between clients and servers:
Internet-of-things devices like video cameras are especially vulnerable because a lot of their software is built from web-enabled bash scripts. Thus, not only are they less likely to be patched, they are more likely to expose the vulnerability to the outside world.
Unlike Heartbleed, which only affected a specific version of OpenSSL, this bash bug has been around for a long, long time. That means there are lots of old devices on the network vulnerable to this bug. The number of systems needing to be patched, but which won't be, is much larger than Heartbleed.
Heartbleed was said to have affected 66% of the Internet, although Apple announced in April that the exploit did not affect its software or "key services." Apple also released updates for the AirPort Extreme and Time Capsule to better secure both web devices against Heartbleed.
A topic discussing the Bash exploit on StackExchange also notes that Apple did not include a fix for the bug in its latest round of security updates that came alongside the release of OS X Mavericks 10.9.5 last week. It is possible however that Apple will release a fix for OS X in the near future to address the exploit, similar to what it has done for other security issues in the past.
Popular Stories
Apple is set to release iOS 18.2 in early December, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. There are a handful of new non-AI related feature controls incoming as...
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch for 10 more months, there are already plenty of rumors about the devices.
An imaginative iPhone 17 Pro concept based on rumors
Below, we recap key changes rumored for the iPhone 17 Pro models so far:
Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro ...
We've been focusing on deals on physical products over the past few weeks, but Black Friday is also a great time of year to purchase a streaming membership. Some of the biggest services have great discounts for new and select returning members this week, including Disney+, Hulu, Paramount+, and Peacock.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a link...
Black Friday 2024 is over, but you can still find great deals on numerous Apple devices this weekend. Right now, this includes big savings on AirPods, Apple Watch, MacBook Air, iPad, and more.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.
Specifically, in...
Apple's iPhone 17 Pro and iPhone 17 Pro Max will offer "significant design changes," The Information's Wayne Ma reports.
The two flagship iPhone 17 models will be the first high-end iPhones to feature an aluminum frame since the delineation of the iPhone lineup into Pro and non-Pro models. In recent years, lower-end iPhone models such as the iPhone SE and iPhone 16 have featured aluminum...
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we sometimes get rumored feature leaks so far ahead of launch. The iPhone 17 series is no different – already we have some idea of what to expect from Apple's 2025 smartphone lineup.
If you plan to skip...
The Information's Wayne Ma and Qianer Liu today published an in-depth report about the "iPhone 17 Air," revealing several new details about the device.
The report said prototypes of the device have a thickness of between 5mm and 6mm, which would make it the thinnest iPhone ever. In comparison, iPhone 16 models are 7.8mm thick and iPhone 16 Pro models are 8.25mm thick.
Due to this...
Black Friday 2024 is tomorrow, and as always this will be the best time of the year to shop for great deals. Right now, this includes big savings on popular Apple products like AirPods, Apple Watch, MacBook Air, iPad, and more.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the...