Update: Shellshock Vulnerability Requires Attention
Apple has released a security update for the critical Shellshock vulnerability in the Bash utility that is included with Mac OS X. Discovered in late September, Shellshock can potentially exploit all devices running Bash (including Unix, Linux, and Mac OS X operating systems), and is rated 10 on a scale of 10â€”the highest level alert that can be issued.
The security update is available for Mac OS 10.7, 10.8, and 10.9, but has yet to be released through Appleâ€™s Software Update tool. However, the update is available through the IBM Endpoint Manger offered by SysMan, for those units using that service. Apple reports that systems running OS X are not at risk from Shellshock unless advanced UNIX services are configured on them, which is not likely for the vast majority of Macs. However, it is recommended that the update be applied if possible.