Apple: Most OS X Users Safe from 'Bash' Security Flaw, Software Update Coming Soon

by

terminalicon2 Yesterday, it was revealed that security researchers from Red Hat uncovered a major exploit in the "Bash" command shell found in OS X and Linux. Named "Shellshock" by security experts, the exploit allows hackers to gain access to web connected devices and services through the use of malicious code.

Now, an Apple spokesperson (via iMore) has commented on the matter, stating that the majority of OS X users are safe from the exploits and that the company is working to provide a software update for advanced UNIX users:

The vast majority of OS X users are not at risk to recently reported bash vulnerabilities," an Apple spokesperson told iMore. "Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.

The exploit was called "as big as Heartbleed" by security researcher Robert Graham, who was referring to a flaw discovered in the popular open-source software OpenSSL that affected 66% of the Internet earlier this year. Apple eventually announced that Heartbleed did not affect its software or key services, and also released updates for AirPort Extreme and Time Capsule. It is likely that a fix for the Bash exploit will arrive relatively soon for users.

Popular Stories

Apple Shopping Event 2025

Apple Announces 2025 Black Friday Event, Here's What You Can Get

Thursday November 20, 2025 6:28 am PST by
Apple's annual four-day Black Friday through Cyber Monday shopping event is returning on Friday, November 28 through Monday, December 1 in many countries, including the United States, Canada, Australia, New Zealand, France, Germany, Italy, Spain, the United Kingdom, Belgium, the Netherlands, Sweden, Thailand, and others. During the shopping event, customers can get an Apple gift card with...
Read Full Article41 comments
iOS 26

iOS 26.2 Adds These New Features to Your iPhone

Thursday November 20, 2025 10:50 am PST by
iOS 26.2 is currently in beta testing. The upcoming update includes a handful of new features and changes on the iPhone, including a new Liquid Glass slider for the Lock Screen's clock, offline lyrics for Apple Music, and more. In a recent press release, Apple confirmed that iOS 26.2 will be released to all users in December, but it did not provide a specific release date. Keep reading...
Read Full Article27 comments
iPhone 17 Pro Cosmic Orange

10 Reasons to Wait for Next Year's iPhone 18 Pro

Wednesday November 19, 2025 4:00 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth...
Read Full Article104 comments
hikawa phone grip stand apple%402x

Apple Launches Second Limited-Edition iPhone Accessory in a Month

Friday November 21, 2025 3:53 am PST by
Apple has begun selling the Hikawa Phone Grip and Stand, a new limited-edition iPhone accessory designed with accessibility in mind. Designed by LA-based Bailey Hikawa to celebrate the 40th anniversary of accessibility at Apple, the grip uses magnets to securely snap onto any iPhone with MagSafe. Apple says it can be removed with ease, and doubles as a stand with two different viewing...
Read Full Article125 comments
ipad mini 7 feature red and blue

iPad Mini 8: Four Major New Features to Expect

Wednesday November 19, 2025 7:50 am PST by
Apple's eighth-generation iPad mini is highly likely to arrive next year, offering a significant refresh of the device with at least four major new features. OLED Display The next-generation version of the iPad mini could feature an OLED display, as part of Apple's plan to expand the display technology across many more of its devices. Apple's first OLED device was the Apple Watch in 2015, ...
Read Full Article67 comments
watchos 26 workout app

Apple Watch Users Claim Workout App Is Now Worse in Every Way

Thursday November 20, 2025 7:01 am PST by
Apple Watch owners have been voicing their frustration online over changes to the Workout app that Apple introduced in watchOS 26, with many finding the redesigned interface makes starting exercises difficult and exasperating. When Apple launched watchOS 26 in September, the Workout app went from large, easily tapped workout tiles to a scrolling, corner-button interface. Instead of tapping a ...
Read Full Article229 comments
applecare apple care banner

Apple Brings New AppleCare+ Options to India

Tuesday November 18, 2025 8:42 am PST by
Apple today announced an expansion of AppleCare+ coverage in India, with new options for monthly and annual plans, and the addition of Theft and Loss for iPhone for the first time. Options for monthly and annual AppleCare+ plans in India provide more choice and flexibility, allowing users to keep coverage for as long as they require. Apple's vice president of Worldwide iPhone Product...
Read Full Article6 comments
ipad black friday 2025

The Best Early Black Friday iPad Deals

Thursday November 20, 2025 10:20 am PST by
Black Friday is just over a week away, and iPad deals have finally started to flood in at retailers like Amazon and Best Buy. Below we're tracking discounts on every current generation iPad, including lowest-ever prices on M3 iPad Air and M5 iPad Pro, plus steep markdowns on iPad and iPad mini. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a ...
Read Full Article7 comments
apple wallet drivers license feature iPhone 15 pro

Two More U.S. States Commit to Offering iPhone Driver's Licenses in Apple Wallet App

Thursday November 20, 2025 8:21 am PST by
In select U.S. states, residents can add their driver's license or state ID to the Apple Wallet app on the iPhone and Apple Watch, and then use it to display proof of identity or age at select airports and businesses, and in select apps. Earlier this week, Illinois became the 13th state in the U.S. to offer the feature. Subsequently, we shared a list of additional states that are committed...
Read Full Article38 comments

Top Rated Comments

Glassed Silver Avatar
Glassed Silver
146 months ago
Might as well include this with the Yosemite update.
Even after Yosemite will be released prior major versions of OS X like Mavericks are still in active support, especially for security patches.

If you think that holding this sort of an update for 3-4 weeks when a patch is available is acceptable I think your expectations are a little low.

Update needs to be shipped asap. End of story.

Glassed Silver:mac
Score: 16 Votes (Like | Disagree)
katewes Avatar
katewes
146 months ago
I really hope they release an Update for Lion forwards. A lot of users on White MacBooks were prematurely left behind with Lion because Apple couldn't be bothered to rewrite the graphics driver.

Also there are a lot of people who won't want to update to Yosemite, so an update for 10.7,10.8,10.9 and 10.10 will hopefully ship :)


I'd rather they fix it for ML and Mav now.


And Lion!!!

All of you. Spare a thought for those loyal Mac users still running Snow Leopard.

I'm forced to keep my 2006 white, matte-screen iMac because Apple won't make anti-glare screen iMacs anymore. While the current iMacs have less glare, you can still use it as a mirror.
Score: 11 Votes (Like | Disagree)
bradl Avatar
bradl
146 months ago
Allowing remote access to bash is vulnerable by definition, it's not a bug but a feature.
Not necessarily; tcsh, ash, zsh, and ksh don't have this issue, and they are just as accessible remotely.


It doesn't look like dhcp is affected on OS X btw, you need a service that sets environment variables from user input.
IIRC, the DHCP server can set those, let alone run scripts as soon as it successfully allocates an IP address to a client. So if running as a server, it could possibly affect it. It definitely does in Linux. I haven't set up dhcp server on my MBA, nor do I intend to, but the situation could still exist, especially if someone rolls their own.

typical online media always blowing things out of proportion
I don't think you understand the magnitude of this vulnerability. EVERY version of Unix or unix-like operating system that uses bash is vulnerable: Linux, Solaris, OS X, Next, Ultrix, SunOS, OSF/1, AIX, HP/UX, NetBSD, FreeBSD, and Irix are all included. If you wanted to stretch it, Windows is also vulnerable through Cygwin. That sure as hell isn't the media blowing it out of proportion, especially if nearly every service a machine could run uses these as its underlying OS.

The magnitude of this is far more reaching than you realize.

BL.
Score: 9 Votes (Like | Disagree)
chrfr Avatar
chrfr
146 months ago
Everything now a days gets blown out of proportion. I remember all the y2k crap and it came and nothing happened.
The reason "nothing happened" is in no small part due to all the work that was done to prepare.
Score: 8 Votes (Like | Disagree)
iLilana Avatar
iLilana
146 months ago
wait

the sky isn't falling?
Score: 7 Votes (Like | Disagree)
TalonFlyer Avatar
TalonFlyer
146 months ago
Apple "Bashing"

This is just a media blitz against Apple.

I've used UNIX for over 30 years.

If you don't know what UNIX is, you're most likely not at risk at all.

If you like to tweak you OS with non-Apple configurations, you might be slightly at risk.

If you're a bonehead, you're at risk.

This is blown way out of proportion. Some poster say Apple needs to patch this immediately, B.S., 99.99999% of Apple users will never have an issue. However, if you are running Linux/Unix servers, you might want to watch this more closely.
Score: 6 Votes (Like | Disagree)
Read All Comments