Skip to main content

Shellshock: Apple tells OS X users not to worry

Apple has admitted that most OS X users have nothing to be concerned about when it comes to the bug that has been dubbed “worse than Heartbleed”.

In a statement the firm admitted that it is already working on a software update for advanced UNIX users that repairs the major exploit that can be used by hackers to gain access to connected devices by inserting malicious code into the “Bash” command shell in OS X and Linux.

Read more: How to protect yourself from Shellshock and avoid infection

“The vast majority of OS X users are not at risk to recently reported bash vulnerabilities," an Apple spokesperson told iMore. "Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.”

Shellshock hit the headlines yesterday with many security researchers, including Darien Kindlund from FireEye, stating that “it’s worse than Heartbleed” and Robert Graham adding that some systems won’t be able to be patched to prevent damage.

The bug is a ubiquitous one and as such a large per cent of software across the web is constantly interacting with the shell and there are a number of ways it can infiltrate software.

Regular users of OS X don’t have any real need to panic and Apple has been at pains to point out it's advanced users that have configured UNIX services that are mainly at risk and may need to turn off services or apply home-made patches using Xcode.

For the full rundown on how to protect your machines from the Bash big, check out guide on the measure that can be taken.

Jamie is a freelance writer with over eight years experience writing for online audiences about technology and other topics. In his time writing for ITProPortal he wrote daily news stories covering the IT industry and the worldwide technology market, as well as features that covered every part of the IT market, from the latest start ups to multinational companies and everything encompassed by the IT sector. He has also written tech content for our sister publication, TechRadar Pro. Jamie has since moved into sports betting content and is Content Manager at Betbull.