Sign In

Communications of the ACM

ACM News

Shellshock: 'deadly Serious' New Vulnerability Found

View as: Print Mobile App Share:
Artistic representation of a newly discovered software vulnerability.

More than 500 million computers could be affected, early estimates suggest.

Credit: Thinkstock

A "deadly serious" bug potentially affecting hundreds of millions of computers, servers and devices has been discovered.

The flaw has been found in a software component known as Bash, which is a part of many Linux systems as well as Apple's Mac operating system.

The bug, dubbed Shellshock, can be used to remotely take control of almost any system using Bash, researchers said.

Some experts said it was more serious than Heartbleed, discovered in April.

"Whereas something like Heartbleed was all about sniffing what was going on, this was about giving you direct access to the system," Prof Alan Woodward, a security researcher from the University of Surrey, told the BBC.

"The door's wide open."


From BBC News
View Full Article


No entries found