Apple Releases OS X Bash Update to Fix 'Shellshock' Security Flaw in Mavericks, Mountain Lion, and Lion
Apple today released OS X bash update 1.0 for OS X Mavericks to fix a vulnerability in the bash UNIX shell.
The security flaw, known in the media as "Shellshock," was discovered last week. Uncovered by security researchers, the exploit in the bash command shell in OS X and Linux could be used to deploy malicious code.
According to an Apple spokesperson, most OS X users were not at risk form the bash vulnerabilities, but the company promised to work quickly to provide an update.
Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.
Along with the fix for OS X Mavericks, Apple has released updates for both OS X Lion and OS X Mountain Lion. There is no Yosemite download available as of yet, but Apple may be planning to issue a fix in the near future. The three updates are available via Apple's support pages and should be available via the Software Update tool soon.