Apple: majority of OS X users are safe from Bash bug

Mac
Feeling Shellshocked? Deep breaths, it will (hopefully) be ok

Earlier this week, we reported on a newly-discovered security vulnerability, nicknamed 'Shellshock', that could affect UNIX-based operating systems including Linux, Mac OSX and Android - potentially even letting hackers overtake an operating system.

People have been calling it "worse than Heartbleed", but Apple has spoken up to reassure OS X users who are concerned that they might be under threat, and promised that it's working on a fix right now.

"The vast majority of OS X users are not at risk to recently reported bash vulnerabilities," a spokesperson for Apple told TechRadar in a statement.

"Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users."

Quickly, quickly!

If you are in the minority of vulnerable folks that Apple refers to, the advice would be to switch off any of the advance UNIX services for now and hold out for a patch.

Bash has been present in every UNIX system since its introduction in 1989, which obviously means that the extent of the damage is potentially massive.

Which is why we're crossing our fingers that Apple and other can patch the problem quickly, before the flaw is abused.

Bash vulnerability: everything you need to know

Hugh Langley

Hugh Langley is the ex-News Editor of TechRadar. He had written for many magazines and websites including Business Insider, The Telegraph, IGN, Gizmodo, Entrepreneur Magazine, WIRED (UK), TrustedReviews, Business Insider Australia, Business Insider India, Business Insider Singapore, Wareable, The Ambient and more.


Hugh is now a correspondent at Business Insider covering Google and Alphabet, and has the unfortunate distinction of accidentally linking the TechRadar homepage to a rival publication.